Showtime  for  HP,  Aprisma  Companies  plan 

to  debut  products  at  respective  customer  conferences.  PAGE  8. 


Return  of  the  CLECs  Free  from  bankruptcy, 

competitive  service  providers  are  taking  new  paths.  PAGE  25. 


Everybody  from  Mary  Kay  to 
the  Marine  Corps  is  struggling 
to  piece  together  a  coherent 
application  performance 
strategy  using  multiple  point 
products. 

■Page  33 

Battle  for  bandwidth: 

American  Business  Maintenance 
is  using  Racketeer’s  WAN  acceler¬ 
ation  appliance  to  make  better 
use  of  its  bandwidth.  Page  37 

On  point:  A  tour  of  some  of  the 
top  point  products  for  applica¬ 
tion  performance  management. 
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performance  issues  before  they  become  serious. 
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Application  performance  management 


Don't  forget  the  men  behind  MPLS  and  spam. 


■  BY  NEAL  WEINBERG 

James  Gosling  is  one  proud  papa. 

The  father  of  Java  says  he  gets  recognized  quite 
often,  mostly  in  “geek  contexts.”  In  Asia  he  gets  asked  to 
sign  autographs,  and  during  a  recent  trip  to  India  3,000  peo¬ 
ple  at  a  conference  sang  “Happy  Birthday”  to  him. 

Gosling,  who  is  now  CTO  of  Sun’s  Developer  Products 
Group,  enjoys  the  accolades.The  single  coolest  thing  about 
being  the  ‘father  of  Java’  is  having  folks  come  up  to  me  and 
say, ‘Thanks!  You  changed  my  life!’” 

In  honor  of  Father’s  Day,  we’ve  tracked  down  a  handful  of 

See  Fathers,  page  14 


■  BY  ELLEN  MESSMER 

Security  innovations  being  built 
into  switches  are  attracting  atten¬ 
tion  from  buyers  who  not  long 
ago  focused  primarily  on  feeds 
and  speeds. 

Network  executives  say  they 
need  all  the  help  they  can  get  to 
cope  with  today’s  threats.They  are 
eager  to  use  new  switch-based 
security  schemes  —  such  as  the 
ability  to  quarantine  viiuses  and 
enforce  policies  —  being  touted 
by  Alcatel,  Cisco  and  Enterasys 
Networks,  among  others.  In  the 
forefront: 

•  Alcatel  next  month  is  ex¬ 
pected  to  introduce  its  Auto¬ 
mated  Quarantine  Engine  switch 
technology  that  works  with  intru¬ 
sion-detection  systems  (IDS)  to 
isolate  worm-infected  machines 


for  remediation  purposes. 

•  Cisco  says  this  summer  it  will 
enable  its  Catalyst  switches  to 
defend  against  worms  and  dis¬ 
tributed  denial-of-service  (DoS) 
attacks. 

•  Enterasys  recently  introduced 
its  Automated  Security  Manager, 
which  provides  policy-based  con¬ 
trol  on  its  switches  through  help 
from  IDS;  and  this  month  the 
company  will  expand  its  quaran¬ 
tine  mechanism  through  use  of 


information  from  scanners  and 
anti-virus  policy  enforcement. 

When  the  Blaster  worm  crip¬ 
pled  the  campus  network  at  Abi¬ 
lene  Christian  University  in  Texas 
a  year  ago  by  getting  scores  of 
infected  student  computers  to 
scan  wildly  the  IT  staff  concluded 
that  it  needed  more  tools. 

“We  thought  we  had  the  peri¬ 
meter  secured  at  the  Internet,  but 
when  the  students  connected  up 
See  Switch,  page  16 


Saluting  digital  dads 


H  A  Wider  Net 


Security  titans  intensify  rivalry 


■  BY  ELLEN  MESSMER 

Network  Associates  and  Syman¬ 
tec  long  to  be  more  than  anti¬ 
virus  vendors.  The  rivals  want  to 
be  one-stop  security  shops  where 


businesses  buy  everything  from 
intrusion  prevention  to  spam 
contiol  to  firewalls. 

Each  has  invested  a  small  for¬ 
tune  in  pursuit  of  this  goal,  yet 
sweeping  success  is  guaranteed 


for  neither. 

Since  CEO  John  Thompson 
took  the  helm  four  years  ago, 
Symantec  has  parlayed  its 
strength  selling  consumer  anti¬ 
virus  software  into  a  string  of 
acquisitions  that  began  with  fire¬ 
wall  and  vulnerability-assessment 
firm  Axent  Technologies  and 
ended  most  recently  with  the  pur¬ 
chase  of  anti-spam  market  leader 
Brightmail. 

Over  that  same  period  of  time, 
Network  Associates  —  which  as 
early  as  next  month  will  be 
renamed  McAfee,  its  anti-virus 

See  Anti-virus,  page  60 


Switches  taking  on 
new  security  roles 


PAN  BRYANT 


Meet  the  IBM  eServer™  i5  system  —  designed  to  simplify  your  infrastructure.  It’s  the  first  IBM  server  with  POWERS  " 
technology.  And  the  latest  member  of  the  IBM  eServer  iSeries™  family.  What’s  more,  it  can  simultaneously  run  four 
operating  systems,  dynamically  allocating  resources  needed  for  each  application  and  operating  system!  On  demand. 
iSeries  technology  can  also  help  reduce  the  number  of  servers  you  manage  by  as  much  as  85%.  We  invite  you  to 
learn  more  about  how  to  make  your  business  more  efficient.  Just  visit  ibm.com/eserver/consolidate 


5  reasons  why  IBM  eServer  i5  systems  with  Power  Architecture ™  technology  can  simplify  your  infrastructure. 


Runs  four  operating 

Advanced  virtualization 

Capacity  on  demand. 

POWER5  processor - 

Integrated  for  easy 

systems  simultaneously. 

technologies. 

based  64-bit  technology 

management. 

@  server 
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The  IBM  eServer  i5  system. 
Consolidate.  Integrate.  Celebrate. 


IXA  or  IXS  required  to  run  Windows.  Customers  must  license  O/Ss  separately.  IBM.  the  e-business  logo,  eServer,  the  eServer  logo,  iSeries,  Power  Architecture  and  P0WER5  are  trademarks 
or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Windows  is  a  trademark  of  Microsoft  Corporation  in  the  United  States, 
other  countries,  or  both.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2004  IBM  Corporation.  All  rights  reserved. 


10  gigabit  uplink  option 


THE  SUMMIT®  400  -  THE  PEAK  OF  NETWORK  PERFORMANCE 


m#.  • 

Extreme  Networks  is  revolutionizing  the  networking  industry  with 
the  highest  performance  Layer  3  10/100/1000  fixed  configuration 
edge  switch,  with  the  industry's  first  and  only  modular  10  gigabit 
uplink  option.  The  Summit  400,  designed  for  enterprise  networks 
deploying  gigabit  to  the  desktop,  enables  customers  to  fearlessly 
deploy  Gigabit  Ethernet  to  the  edge  today,  and  have  the  added  peace 
of  mind  that  they  can  fully  performance-enable  their  wiring  closet 
infrastructure  through  future  upgrades.  How’s  that  for  a  switch? 


GO  BEYOND 
WITH  EXTREME  NETWORKS 

Contact  Extreme  Networks  at 
1.888.257.3000  or  visit  us  on  the  web  at 

www.extremenetworks.com/go/sum400.htm 


©  2004  Extreme  Networks,  Inc.  All  Rights  Reserved. 


an  extreme  world... 


IS  DRIVING  10  GIG  TO  THE  EDGE 


NetworkWorld 


■  8  IronPort  extends  spam-detection  tool. 

■  8  HP  OpenView  to  gain  business  process,  protocol  analysis. 

■  8  Aprisma  beefing  up  Spectrum  Report  Manager. 

■  10  RFID  is  prescription  for  drug  companies. 

■  10  Start-up  looks  to  undercut  frame,  IP  VPN  prices. 

■  12  Storage  market  moves  toward  intelligent  fabric. 

■  12  Juniper  set  to  tap  into  enterprise  routing. 

■  14  Sarvega’s  XML  router  boosts  Web  services. 

■  60  Network  Associates,  Trend  and  eEye  tout  security  wares. 


Feature 

Application  performance  management 

Everybody  from  Mary  Kay  to  the  Marine  Corps  is  struggling  to  piece  together  a  coherent  application 
performance  strategy  out  of  a  set  of  individual  products.  Page  33. 

Battle  for  bandwidth:  American  Business  Maintenance  is  using  Racketeer's  WAN  acceleration 
appliance  to  make  better  use  of  its  bandwidth.  Page  37. 


Infrastructure 

■  17  VoIP  requires  wide  range  of 
planning. 

■  17  Deepfile  enhances  file  mgmt. 

■  18  Dell  tries  4-way  Itanium  again. 

■  19  Dave  Kearns:  Open 
source  on  the  desktop:  Hurry  up 
and  wait. 


Technology 

Update 

■  27  DS-UWB  enables 
convergence. 

■  27  Steve  Blass:  Ask  Dr. 

Internet. 

■  28  Mark  Gibbs:  How 

DidTheyReadlt  does  it. 


Enterprise 

Applications 

■  21  Adobe  goes  to  the  office. 

■  21  Grape  grower  juices  up  its 
planning  systems. 

■  22  Scott  Bradner: 

Investing  in  thin  air,  again. 

Service  Providers 

■  23  Interest  in  ASPs,  Web  host¬ 
ing  picking  up. 

■  23  Nortel  doubles  Shasta  per¬ 
formance,  density. 


■  28  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 

Opinions 

■  30  On  Technology:  Net 

scans  delivered  as  a  service. 

■  31  Chris  Shipley:  Who 

funds  innovation? 

■  31  Howard  Anderson: 

The  customer  loyalty  conundrum. 

■  62  BackSpin:  E-mail  AUPs 
and  monitoring. 

■  62  'Net  Buzz:  Book 
Crossing.com  becomes  a  best-seller. 

■  52  Career  classifieds. 


■  24  Johna  Till  Johnson: 

Externalization:  Changing  the  shape 
of  business. 

■  25  Special  Focus: 

As  CLECs  get  a  second  chance, 
users  get  deals. 

SimpleDrive  makes  backup 
simple. 

Page  28 


Management 

Strategies 

■  45  Analyzing  the  toll  unwanted 
e-mail  takes  on  productivity, 
bandwidth,  storage  and  support  will 
help  you  get  budget  resources. 


On  point:  A  tour  of  some  of  the  top  point  products  for  application  performance  management.  Page  40. 
Online:  Living  Buyer's  Guide:  Network  management  at  www.nwflision.com,  DocFinder:  2430. 
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|  Exclusive 

Network  World  Fusion  Radio:  IP 
Conferencing 

This  week  we  take  a  look  at  IP  conferencing  technology,  including  voice, 
video  and  Web,  with  Frost  &  Sullivan  Research  Analyst  Jim  Regan,  IP 
conferencing  is  growing,  but  there  are  still  barriers  to  adoption.  We  look 
at  those  and  the  driving  forces  behind  the  ultimate  transition  to  pure  IP 
conferencing, 

DocFinder:  2433 

Audio  primer:  Digital  Rights  Management 

Find  out  what  10  things  you  need  to  know  before  implementing  digital 
rights  management  in  your  enterprise. 

DocFinder:  4741 

Network  Encyclopedia 

Get  definitions  for  the  technologies,  hardware,  protocols,  standards  and 
more  behind  networking. 

DocFinder:  2434 

ISeminars  and  events 

Are  you  totally  secure  in  your 
enterprise  security  management? 

Are  you  managing  your  network  as  a  security  intelligence  asset?  Find  out 
how  and  get  the  answers  you  need  at  Enterprise  Security:  Fail-Safe 
Architecture,  a  new  Network  World  Technology  Tour  Event.  Click,  qualify 
and  attend  free.  DocFinder:  1856 


Columnists 

Wireless  Wizards 

How  do  I  convince  my  boss  to  go  wireless? 

The  Wizards  answer  a  reader  who  asks:  "I  need  to  convince  my 
boss  that  a  wireless  network  will  definitely  work  in  our  organiza¬ 
tion.  Can  I  just  go  and  buy  an  access  point  and  plug  it  into  my 
existing  T-1  line  and  show  him  that  wireless  networks  will  work 
perfectly?"  DocFinder:  2435 

Telework  Beat 

When  you  can’t  work  from  home,  Part  5 

Net.Worker  Managing  Editor  Toni  Kistner  looks  at  a  new  work 
“club"  that  offers  the  best  of  both  worlds.  DocFinder  2436 

Small  Business  Tech 

RAID  on  a  budget 

Columnist  James  Gaskin  says  redundant  disk  systems  have 
reached  small  businesses,  DocFinder.  2437 

Home  Base 

Who  needs  a  laptop? 

Columnist  Steve  Ulfelder  says  I’m  InTouch  lets  you  check  in  from 
the  road  without  lugging  around  a  PC.  DocFinder  2438 


Breaking  News 


■  CONTACT  US  NetworkWorld,  118Turnpike  Road,  Southborough, 
MA  01772;  Phone:  (508)  460-3333;  Fax:  (508)  490-6438; 

E-mail:  nwnews@nww.com;  STAFF:  See  the  masthead  on  page  16 
for  more  contact  information.  REPRINTS:  (717)  399-1900 


SUBSCRIPTIONS/CHANGE  OF  ADDRESS:  Phone:  (508)  490-6444; 
Fax:  (508)  490-6400;  E-mail:  nwcirc@nww.com; 

URL:  www.subscribenw.com 


Go  online  for  breaking  news  every  day.  DocFinder:  6342 


Free  e-mail  newsletters 

Sign  up  for  any  of  mope  than  40  newsletters  on  key  network  topics 

DocFinder:  6343 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resources 
online.  Simply  enter  the  four-digit  DocFinder  number 
the  search  box  on  the  home  page,  and  you’ll  jump 
directly  to  the  requested  information. 


Bells  win  major  fight  on  network  sharing 

fl  Solicitor  General  Theodore  Olson  announced  last  week  he  will 
not  ask  the  Supreme  Court  for  an  appeal  of  a  March  decision  by 
a  lower  court  that  threw  out  much  of  the  FCC’s  so-called  triennial 
review,  a  road  map  that  tells  incumbent  telephone  carriers  what 
parts  of  their  networks  they  have  to  share  with  competitors  at  a 
discount.  At  the  direction  of  FCC  Chairman  Michael  Powell,  who 
opposed  part  of  the  triennial  review  decision,  the  FCC  staff  has 
been  working  on  new  network-sharing  rules  since  shortly  after  the 
appeals  court  decision. That  decision,  which  overturned  the  FCC’s 
decision  on  sharing  switching  facilities  and  some  high-capacity 
DS-1  and  DS-3  network  loops,  has  forced  competitive  local 
exchange  carriers  to  enter  into  private  negotiations  with  the  incum¬ 
bent  carriers  for  those  pieces  of  their  networks,  but  few  agreements 
have  been  signed  since  the  ruling.  While  the  incumbent  carriers 
cheered  last  weeks  decision  and  predicted  it  would  lead  to  in¬ 
creased  investment  in  carrier  networks,  competitors  said  Olsons 
decision  could  result  in  higher  telephone  service  prices. 

Cisco  patches  CatOS  vulnerability 

■  Cisco  last  week  released  a  patch  for  a  potential  denial-of-service  vulnerability  in  its 
CatOS  operating  system,  which  powers  the  Catalyst  4000, 4500,  5000  and  6000  series  of 
switches. A  remote  attacker  could  exploit  the  flaw  using  a“TCP-ACK  attack” that  spoofs  the 
final  step  of  the  three-step  TCP  handshake  process,  causing  what  Cisco  calls  an  invalid  TCP 
state.The  flaw  affects  only  switches  that  have  Telnet,  HTTP  or  Secure  Shell  service  config¬ 
ured,  and  does  not  affect  switches  and  routers  running  10S.  Cisco  is  offering  a  free 
upgrade  for  all  affected  customers.  More  information  can  be  found  at  www.nwfusion. 
com,  DocFinder:  2444. 

ForcelO  lands  hefty  $75M 

■  ForcelO  Networks  last  week  closed  a  funding  round  that  brought  the  company  just  less 
than  $75  million.This  is  one  of  the  largest  investments  in  the  network  business  in  the  past 
two  years.  New  backers  included  Crosslink  Capital,  Meritech  Capital  Partners  and 
Morgenthaler  Ventures,  while  previous  investors  —  U.S. Venture  Partners,  New  Enterprise 
Associates  and  Worldview  Technology  Partners  —  also  participated  in  the  round.  ForcelO 
concentrates  on  10G  Ethernet  switching  and  competes  with  Cisco,  Foundry  Networks  and 

Network  World  500 
survey  results  online 

Complete  results  for  the  10th  annual  Network  World 
500  survey  are  now  available  at  www.nwfusion.com, 

DocFinder:  2443.  The  survey  tracks  technology  de¬ 
ployment  at  enterprise  organizations  and  provides 
insights  into  the  perceptions  of  network  IT  executives 
who  are  making  technology  investment  decisions. 
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Speeding  ahead.  The  number  of  broadband  have-nots  appears  to  be 
shrinking,  according  to  the  latest  FCC  figures.  The  commission  tallied  a  42%  increase 
in  broadband  lines  in  2003,  fueled  largely  by  residential  and  small-business  users 
signing  up  for  high-speed  service.  The  FCC  report  shows  that  28.2  million  broadband 
lines  were  in  use  by  the  end  of  last  year  in 
the  U.S. 


Legislation  frustration. 

Roger  Cressey,  president  of  Good  Harbor 
Consulting  and  former  counterterrorism 
expert  at  the  White  House,  had  this  to  say 
during  a  security  panel  last  week:  "If  we  ever 
truly  have  a  major  cyber  event . . .  then 
you're  going  to  see  Congress 
legislate.  They  will  legislate 
because  of  a  public  outcry. 

It  will  be  bad  legislation.” 


Wireless  hack. 

A  Michigan  man  has  pleaded  guilty  to 
four  counts  of  wire  fraud  and 
unauthorized  access  to  a  computer 
after  he  and  two  accomplices  used 
a  vulnerable  wireless  network  at 
a  Lowe’s  store  in  Michigan  to  attempt 
to  steal  credit  card  numbers  from 
the  company’s  main  computer 
systems  in  North  Carolina  and  other 
Lowe's  stores  in  the  U.S.  The  man 
could  face  up  to  18  years  in  prison, 
though  federal  prosecutors  will 
ask  for  a  more  lenient  sentence  in 
exchange  for  his  cooperation  in  other 
related  investigations.  > 

DAN  VASCONCELLOS 


Extreme  Networks  The  company  counts  among  its  customers  the  European  Centre  for 
Mid-Range  Weather  Forecasts,  NASA,  the  U.S.  Department  of  Homeland  Security,  MCI  and 
Lawrence  Berkeley  National  Lab. 

A0L  turns  attention  to  business  customers . 

■  AOL  is  trying  to  make  its  popular  AOL  Instant  Messenger  service  more  palatable  for  busi¬ 
ness  users.  Last  week  the  company  announced  new  online  meeting  and  voice  conferenc¬ 
ing  features  for  the  service,  and  the  new  suite  they  will  belong  to,  called  AIM  Business 
Services.“We  have  seen  an  explosive  growth  in  the  AIM  network  over  the  past  several  years, 
especially  in  the  work  environment,  which  is  why  we  are  introducing  tools  and  services  for 
that  community’ said  Brian  Curry  AOLs  senior  director  of  AIM  network  services.  AOL  esti¬ 
mates  that  of  the  about  36  million  active  users  of  AIM,  about  15  million  use  it  for  work  pur¬ 
poses,  he  said.The  two  services  are  called  AIM  Web  Meetings  and  AIM  Voice  Conferencing, 
and  are  offered  in  partnership  with  a  pair  of  vendors  that  specialize  in  each  area:  WebEx 
Communications  for  online  meetings  and  Lightbridge  for  voice  conferencing. 

Another  country  investigating  Microsoft 

■  While  Microsoft  last  week  was  appealing  an  anti-trust  fine  levied  by  the  European  Union, 
South  Korea  got  into  the  legal  act  by  searching  the  company’s  offices  as  part  of  an  investi¬ 
gation  into  allegations  that  the  company  violated  trade  regulations  by  tying  its  instant-mes¬ 
saging  software  to  the  Windows  operating  system.  An  official  of  the  South  Korea  Fair  Trade 
Commission  told  the  Associated  Press  the  investigation  was  related  to  a  complaint  filed  in 
2001  by  Daum  Communications,  an  Internet  portal  company  that  controls  10%  of  South 
Korea’s  IM  market.  Daum  filed  a  separate  anti-trust  lawsuit  in  April  against  Microsoft  seek¬ 
ing  $8.6  million  in  damages  it  blames  on  Windows  XPln  February  Japan’s  fair  trade  orga¬ 
nization  raided  Microsoft  offices  in  that  country  on  allegations  of  monopoly  law  violations. 


CONSIDER  YOUR  NATIONAL 
RESERVATIONS  NETWORK. 

Consider  the  dots  connected. 
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Now  we  can  design,  deliver  and  manage  a  data 
integration  system  that  brings  it  all  together. 
Converge  every  kind  of  business  network  -  dealers, 
brokers,  suppliers,  customers  -  across  platforms, 
across  America.  All  on  the  strong,  reliable  backbone 
of  the  SBC  network.  To  connect  the  dots  coast  to 
coast,  talk  to  your  SBC  account  representative. 


GOING  BEYOND  THE  CALL? 
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ronPort  extends  spam-detection  tool 


■  BY  CARA  GARRETSON 

E-mail  security  vendor  IronFbrt  Systems  is 
administering  its  spam-catching  service  to 
help  users  stop  viruses  before  they  pene¬ 
trate  their  corporate  networks. 

The  company  announced  this  week  its 
Virus  Outbreak  Filters,  which  will  be  inte¬ 
grated  into  IronFbrts  Messaging  Gateway 
appliances  to  monitor  incoming  and  out¬ 
going  e-mail  traffic  for  messages  that  may 
contain  viruses.  IronPort  is  using  its 
SenderBase  database,  which  can  monitor 
roughly  20  million  IP  addresses  for  spam¬ 
mer  activity,  to  also  look  for  messages  that 
might  contain  viruses. 

“If  we  see . .  .a  number  of  IP  addresses  that 
have  never  sent  mail  before  suddenly  all 
sending  with  the  same  characteristics,  say 
an  encrypted  password,  we  would  elevate 
the  threat  level  and  generate  an  alert  to 


administrators  while  automatically  starting 
to  quarantine  traffic,”  says  Tom  Gillis,  Iron- 
Fbrt’s  vice  president  of  marketing. 

IronFbrts  gateway  appliance  will  quaran¬ 
tine  suspicious  messages  until  they  can  be 
deemed  not  harmful  or  run  through  anti- 
vims  software  with  updated  signatures  and 
scrubbed  of  any  malicious  code. 

The  idea  for  IronPort’s  new  filters  came 
in  part  from  IT  service  provider  Electronic 
Data  Systems  (EDS),  one  of  IronPort’s 
largest  customers.  Because  it  can  take 
from  two  to  eight  hours  to  clean  up  a 
desktop  PC  after  a  virus  outbreak,  EDS 
decided  to  start  blocking  messages  at  the 
gateway  whenever  it  heard  of  a  new  virus 
or  found  one  inside  an  organization,  says 
Richard  Parvin,  senior  engineer  at  EDS. 
The  company  would  block  all  incoming 
messages  with  attached  EXE  files,  but  it 
had  nowhere  to  store  those  messages 


while  it  waited  for  anti-virus  vendors  to 
create  signatures  for  the  new  virus,  so  the 
messages  were  deleted. 

With  IronPort’s  Virus  Outbreak  Filters, 
Messaging  Gateway  appliances  do  this 
detection  automatically, and  queue  the  sus¬ 
picious  mail  until  a  signature  for  the  new 
virus  is  in  hand. “When  a  new  virus  is  out 
there,  we  want  to  be  able  to  stop  it  at  the 
mail  gateway/’  Parvin  says.  “IronPort  took 
our  idea  that  was  kind  of  manual  and 
clumsy  and  integrated  it  into  their  software 
so  that  we  can  have  very  early  detection.” 

Another  advantage  of  IronPort’s 
approach  is  that  the  appliance  stores  the 
suspicious  mail  locally  until  done  queuing, 
instead  of  passing  it  to  another  server. 

While  quarantining  incoming  e-mail 
messages  when  a  virus  is  suspected 
might  seem  extreme,  it’s  also  a  rather 
benign  one  because  administrators  can 


decide  when  to  release  messages  onto 
their  networks,  Gillis  says.  Given  the  cost 
of  cleaning  up  after  a  virus,  IronPort  says 
companies  will  welcome  this  additional 
layer  of  virus  protection. 

The  filters  can  pass  along  suspicious  mail 
to  any  anti-virus  software  for  scanning, 
Gillis  says.  IronFbrt  offers  the  Sophos’  anti¬ 
virus  product  with  its  appliance.  Included 
with  the  filters  will  be  tools  for  administra¬ 
tors  to  customize  them,  such  as  creating 
exceptions  to  the  quarantine  rules. 

IronFbrts  Messaging  Gateway  competes 
with  e-mail  security  gateways  from  compa¬ 
nies  such  as  BorderWare,  Mirapoint  and 
CipherTrust.The  company  says  it  is  the  first 
anti-spam  vendor  to  apply  its  spam-detec¬ 
tion  technology  and  methods  to  viruses. 

The  Virus  Outbreak  Filters  are  slated  for 
release  in  the  fall.  Pricing  for  the  filters  will 
range  from  $4  to  $7  per  user  per  year.  ■ 


HP  Openview  to  gain  business 
process,  protocol  analysis 

■  BY  DENISE  DUBIE 


&&Non-IT  people 
want  to  know  if  their 
sendee  levels  are  going 
to  be  delivered.  9  9 

Jason  Kennedy 

Systems  management 
analyst,  Best  Buy  Canada 


STUART  MCCALL 


Business  managers  at  Best  Buy 
Canada  are  increasingly  pushing 
the  retailer’s  IT  department  for 
more  information  on  how  the  IT 
infrastructure  supports  business 
processes. As  a  result,  the  IT  group 
has  been  on  the  lookout  for  tools 
to  help  automate  the  gathering 
and  sharing  of  such  data. 

“Non-IT  people  want  to  know  if 
their  service  levels  are  going  to 
be  delivered, ’’says  Jason  Kennedy 
systems  management  analyst  for 
the  retailer  in  Vancouver,  B.C. 

HP  this  week  plans  to  debut  its 
OpenView  Business  Process 
Insight  at  the  HP  Software  Forum 
in  Montreal.  The  event  is  expect¬ 
ed  to  attract  1 ,400  HP  OpenView 
customers  and  partners. 

HP  says  its  new  software  can 
pull  data  from  OpenView  man¬ 
agement  software  applications 
such  as  Operations  and  Service 
Navigator,  and  third-party  busi¬ 
ness  systems  that  track  orders, 
payments  and  assorted  statistics. 
The  company  says  the  software  is 
meant  to  do  more  than  track 
processes;  it  will  show  how  sys¬ 
tem  performance, such  as  when  a 
server  goes  down,  affects  online 
ordering  or  other  business 
processes. 

Users  of  the  server-based  soft¬ 
ware  initially  would  model  the 
business  service  to  be  tracked. 
This  involves  detailing  the  ser¬ 
vers,  databases  and  other  IT  ele¬ 


ments  supporting  the  service  and 
configuring  the  software  to  pull 
data  from  other  management 
tools  and  business  systems. 

Industry  analysts  say  this  prod¬ 
uct,  set  to  be  available  by  mid¬ 
summer  and  starts  at  $190,000, 
could  give  HP  the  application- 
level  and  service-oriented  tools  it 
needs  to  expand  beyond  its  net¬ 
work  management  roots. 

“HP  is  taking  a  notable  first  step 
in  bringing  forth  business  rela¬ 
tionships  and  business  intelli¬ 
gence  in  IT  management  prod¬ 
ucts,”  says  Glenn  O’Donnell,  pro¬ 
gram  director  at  Meta  Group. 
Competitors  such  as  BMC 
Software  and  IBM  Tivoli  also 
attempt  to  tie  IT  metrics  to  busi¬ 
ness  performance. 

Also  to  be  announced  this 
week  is  Version  7.5  of  HP’s  cor¬ 
nerstone  Network  Node  Manager 
(NNM)  software.  The  software 


now  can  work  with  a  new  appli¬ 
cation  called  HP  OpenView 
Route  Analytics  Management 
System. The  new  application  can 
be  used  alongside  NNM  7.5  to 
help  customers  analyze  IP  traffic 
and  the  SNMP  events  NNM  col¬ 
lects,  letting  customers  map  phys¬ 
ical  and  logical  topologies  of 
their  networks. 

The  route  analytics  product  is 
the  result  of  an  OEM  agreement 
HP  signed  last  year  with  Packet 
Design.  HP  will  use  Packet 
Design’s  technology  on  a  Pro¬ 
Liant  DL360  server  installed  on 
the  network  edge  to  passively 
monitor  the  IP  protocol  stack 
and  determine  how  packets  are 
being  routed.  The  Route 
Analytics  Management  System  is 
scheduled  to  ship  next  month. 
Pricing  for  the  software  begins  at 
$25,000;  the  server  will  be  sold 
separately.  ■ 


Aprisma  beefing  up 
network  mgmt.  package 

■  BY  DENISE  DUBIE 


Aprisma  this  week  will  use  its  annual  customer  conference  to  unveil 
several  improvements  to  its  flagship  Spectrum  product  that  are  de¬ 
signed  to  help  companies  get  a  better  feel  for  what’s  on  their  network 
and  why  it  might  be  underperforming. 

Add-on  software  dubbed  Spectrum  Report  Manager,  which  will  debut 
at  Aprisma’s  Las  Vegas  event,  exploits  the  map  of  SNMP-manageable 
devices  provided  by  Spectrum  to  generate  reports  on  device  change 
and  configuration.  Much  like  tools  from  companies  such  as  AlterFbint 
and  Goldwire  Technology  the  software  tracks  adds,  changes  and  moves 
made  to  devices  and  monitors  configurations  across  network  elements 
from  vendors  such  as  Cisco  and  Juniper.  Users  can  configure  the  report¬ 
ing  software  to  assimilate  data  collected  by  Spectrum  into  reports  that 
show  how  network  changes  affect  service  levels,  Aprisma  says. 

“Management  vendors  need  to  incorporate  change  and  configura¬ 
tion  into  their  core  products  to  make  a  comprehensive  management 


system  work,”  says  Glenn  O’Donnell,  program  director  at  Meta  Group. 
He  says  adding  new  products  that  will  relate  configuration  to  perfor¬ 
mance  and  other  features  in  Spectrum  will  help  Aprisma  better  com¬ 
pete  with  Smarts  and  Micromuse. 

Aprisma,  which  expects  about  300  attendees  at  its  conference  this 
week,  also  will  show  off  Spectrum  7.1.  One  featured  addition  is  called 
Technology  Relationship  Mapping,  technology  that  lets  Spectrum,  with 
the  use  of  agent  software,  provide  a  topological  map  of  relationships 
between  infrastructure  devices,  applications  and  servers. 

Aprisma  also  has  added  two  intelligent  analysis  features  to  Spectrum. 
Condition  Correlation  Technology  uses  Spectrum’s  policy-based  engine 
to  identify  conditions  (defined  as  not  just  a  single  event  but  patterns  of 
events)  and  explain  causal  relationships  among  events  to  determine 
the  root  cause  of  performance  problems.  Business  Service  Intelligence 
provides  customers  with  real-time  analysis  of  how  network  reliability 
and  availability  affects  customers  and  service-level  agreements. 

The  company,  once  part  of  Cabletron  and  closely  tied  to  fellow 
Cabletron  spin-off  Enterasys  Networks,  is  now  owned  by  holding 
company  Gores  Technology 
Group. 

Spectrum  Report  Manager 
and  the  Spectrum  7.1  releases 
are  expect  this  month.  Pricing 
begins  at  $25,000  for  all  of  the 
applications.  ■ 
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RFID  is  prescription  for  drug  companies 


H  BY  ANN  BEDNARZ 

BOSTON  — The  front  lines  of  technology 
are  typically  unfamiliar  territory  for  drug¬ 
store  giant  CVS. 

“Were  not  on  the  bleeding  edge  of  any 
technology  nor  do  we  want  to  be, ’’said  Jack 
DeAlmo.  vice  president  of  inventory  man¬ 
agement  and  merchandise  operations  at 
CVS  in  Woonsocket,  R.I. 

But  the  chain  is  making  an  exception  for 
radio  frequency  identification  (RFID). With 
RFID,  CVS  isn’t  content  to  sit  back  “and 
have  our  destiny  decided  for  us,”  said 
DeAlmo,  who  spoke  last  week  at  an  IDC- 
sponsored  event. 

RFID  is  not  a  new  technology,  but  its 
application  in  the  consumer  packaged 
goods  (CFG)  supply  chain  is  a  recent  phe¬ 
nomenon  led  by  industry  heavyweights 
such  as  Wal-Mart,  Gillette  and  Procter  & 
Gamble. 

Pharmaceuticals  is  a  different  animal, 
however.  It’s  a  complex,  highly  regulated 
environment,  DeAlmo  said.  “This  is  not  a 
CPG  supply  chain.  It’s  a  very  convoluted 
supply  chain  with  people  who  don’t  talk 
to  each  other  and  don’t  want  to  share 


information,”  he  said. 

But  a  common  drive  to  combat  drug 
counterfeiting  and  streamline  operations 
could  help  open  the  lines  of  communica¬ 
tion  in  the  pharmaceuticals  industry 

Today  between  2%  and  7%  of  pharma¬ 
ceuticals  are  counterfeit  —  a  figure  that  is 
drastically  higher  in  emerging  markets, said 
Jamie  Hintlian,a  partner  in  the  health  and 
life  sciences  practice  at  Accenture,  at  the 
1DC  event.  In  some  countries  more  than 
50%  of  the  drug  supply  could  consist  of 
counterfeit  drugs,  according  to  a  recent  re¬ 
port  from  the  U.S.  Food  and  Drug 
Administration. 

Experts  say  RFID’s  “track  and  trace”  capa¬ 
bilities  can  make  drug  counterfeiting  more 
difficult  by  enabling  more  thorough  docu¬ 
mentation  than  bar  codes  allow  during  the 
various  links  in  the  pharmaceutical  supply 
chain.  RFID  tags  placed  on  pallets,  cases  or 
individual  items  would  contain  an  elec¬ 
tronic  product  code,  which  is  essentially  a 
serial  number  used  to  identify  a  specific 
item  in  a  supply  chain. 

The  theory  is  that  as  drugs  move  between 
manufacturing  facilities,  wholesalers’  distri¬ 
bution  centers,  retailers’  warehouses  and 


Counterfeit 
drug  crisis 

Industry  estimates  measuring 
the  amount  of  fake  medication 
on  the  market  range  from  less 
than  10%  to  50%,  according  to 
Gartner. 

in-store  pharmacies,  RFID  readers  can  cap¬ 
ture  and  log  item  location.  Middleware  re¬ 
sponsible  for  analyzing  reader  data  can 
then  peg  any  operational  discrepancies. 

RFID  won’t  eliminate  counterfeiting, but  it 
will  make  it  harder  on  those  trying  to 
thwart  the  system, said  Lyle  Ginsburg,  man¬ 
aging  partner  at  Accenture.  “It’s  going  to 
take  the  net  and  make  it  a  little  bit  tighter 
for  the  bad  guys,”  he  said. 

RFID’s  anti-counterfeiting  assistance  is 
not  the  only  appeal  of  the  technology  to 
drug  companies.  It  also  could  help  compa¬ 
nies  better  track  product  expiration  dates, 
said  Michael  Scrase,  director  of  informa¬ 
tion  systems  and  business  integration  at 


Cardinal  Health. 

The  $40  billion  Dublin,  Ohio,  company 
manufactures  and  distributes  healthcare 
products,  including  pharmaceuticals. 
Some  of  Cardinal  Health’s  24  distribution 
centers  carry  close  to  $1  billion  in  inven¬ 
tory  —  much  of  it  perishable  —  from  any 
of  2,000  different  vendors  at  any  one  time. 
With  its  current  bar-code  technology, 
Cardinal  Health  can’t  track  items  by  lot 
and  expiration  date.  With  RFID,  it  could, 
Scrase  said. 

The  ability  to  track  drugs  by  their  manu¬ 
facturing  lot  number  would  be  particularly 
helpful  in  the  event  of  a  drug  recall. 

Pat  Rizzotto,  a  vice  president  of  global 
customer  initiatives  at  Johnson  &  Johnson, 
convinced  upper  management  at  the  New 
Brunswick,  N.J.,  company  that  RFID  was 
worth  investigating  simply  by  explaining 
how  the  technology  might  have  helped 
avoid  the  logistical  nightmare  of  recalling 
more  than  30  million  Tylenol  bottles  after 
the  tampering  incident  in  1982. 

“If  we  had  this  technology  our  business 
case  would  have  been  very  different,” 
Rizzotto  said.That’s  all  it  took  for  Rizzotto  to 
get  the  go-ahead.  ■ 


Start-up  looks  to  undercut  frame,  IP  VPN  prices 


start-up  ■  PROFILE: 

COMPANY 

STRAITSHOT  COMMUNICATIONS 

Founded: 

April  2003 

Funding: 

Private 

Headquarters: 

Bellevue,  Wash. 

Management: 

Robert  Hogan,  CEO,  a  35-year  telecom  veteran. 

What  it  does: 

StraitShot  offers  users  an  alternative  to  frame 
relay  and  VPN  services  based  on  its  aggregate 
network  of  dedicated  private  connections. 

Pros: 

Promises  30%  to  60%  cost  savings  compared 
with  frame  and  IPVPN. 

Cons: 

Short  on  infrastructure  with  one  POP  in 
Sunnyvale,  Calif. 

■  BY  DENISE  PAPPALARDO 

Start-up  StraitShot  Communi¬ 
cations  this  week  is  expected  to 
launch  its  first  service,  which  the 
company  says  will  give  business 
users  a  less  expensive  alternative 
to  traditional  frame  relay  and  IP 
VPN  offerings. 

Consolidated  Private  Network¬ 
ing  (CPN)  is  a  fully  managed, 
protocol-agnostic  service  that 
provides  private  end-to-end  net¬ 
work  connectivity  over  networks 
operated  by  StraitShot  and  its 
partners. 

The  service  includes  provision¬ 
ing,  installation  and  management 
of  customer  networks,  including 
local  and  long-haul  connectivity 
A  customer  could  have  a  10-site 
network,  with  five  connecting  via 
DSL, two  via  frame  relay  and  three 
via  dedicated  T-l  lines.  While  sup¬ 
porting  a  variety  of  local-access 
technologies,  StraitShot’s  network 
never  traverses  the  Internet,  the 
company  says. 

“Individuals  are  seeing  an 
opportunity  to  generate  new  and 
different  VPNs  with  different 
value  propositions  ...  for  enter¬ 
prises  to  consider)  says  Michael 
Suby,  program  manager  at  con¬ 
sulting  firm  Stratecast  Partners. 
“It’s  good  for  competition.” 


StraitShot  is  teaming  with  a 
handful  of  local  carriers,  includ¬ 
ing  Covad  Communications,  MCI, 
New  Edge  Networks,  Sprint  and 
WilTel  Communications,  which 
lets  the  company  offer  competi¬ 
tive  rates  in  cities  throughout  the 
country 

The  local  connections  are 
made  to  a  StraitShot  point  of  pres¬ 
ence  or  to  the  local  carrier’s  net¬ 
work,  which  then  backhauls  the 
traffic  over  a  leased  fiber  facility 
to  a  StraitShot  POP 

“Most  users  will  realize  a  30%  to 
60%  savings”  over  traditional 
frame  relay  or  IP  VPN  services, 
says  Marc  Coluccio,  CTO  at 


StraitShot. 

StraitShot  might  be  able  to  offer 
these  types  of  cost  savings  be¬ 
cause  it  is  not  operating  an  exten¬ 
sive  network  of  its  own. Today,  the 
service  provider  has  only  one 
POP  in  Sunnyvale,  Calif.  The  com¬ 
pany  says  a  second  POP  will  be 
deployed  in  New  York  by 
September. 

Suby  says  that  for  potential  cus¬ 
tomers,  “it’s  advisable  to  be  con¬ 
servative”  about  shifting  over  large 
amounts  of  corporate  traffic  ini¬ 
tially  “1  would  evaluate  services 
on  a  trial  basis,  because  [Strait¬ 
Shot  is]  a  young  company  and 
because  they  are  delivering  ser¬ 


vices  in  a  different  manner  than 
most  users  are  accustomed  to,”  he 
says. 

While  StraitShot  says  it  uses 
Ciena  and  Quarry  Technologies 
gear  in  its  POP  to  support  its  ATM 
backbone,  it  would  not  provide 
additional  details,  citing  a  pend¬ 
ing  patent  based  on  its  network 
architecture. 

One  customer,  R.W  Beck,  ques¬ 
tioned  StraitShot  about  its  single- 
POP  architecture,  and  says  it  care¬ 
fully  is  testing  all  connections 
before  moving  to  the  new  service. 

R.W  Beck,  an  engineering  and 
consulting  firm  for  the  utility  in¬ 
dustry  is  replacing  its  five-node 
frame  relay  network  with  the  ser¬ 
vice  provider’s  CPN  service  in 
Boston,  Denver,  Nashville,  Orlan¬ 
do  and  Seattle. 

“We’re  doing  voice  over  IP  and 
we’re  running  into  performance 
problems  over  our  frame  relay 
network,”  says  Don  Bird,  director 
of  IT  at  the  Seattle  company 

R.W  Beck  had  two  T-l  and  three 
512K  bit/sec  frame  relay  links 
with  committed  information  rates 
of  56K  bit/sec  with  another  pro- 
vider.The  company  has  upgraded 
each  site  to  full  T-ls  from  Strait¬ 
Shot  and  cut  its  monthly  service 
rate  by  50%. 

“We’re  looking  at  saving  $50,000 


a  year,  which  is  a  lot  for  a  small 
shop  like  ours,”  Bird  says. 

The  CPN  service  comes  with  a 
set  of  standard  service-level 
agreements  (SLA),  which  was  a 
key  reason  why  Bird  went  with 
StraitShot. 

The  SLA  includes  a  guarantee 
that  jitter  across  StraitShot’s  net¬ 
work  will  be  less  than  10  millisec 
and  latency  will  be  less  than  60 
millisec.  The  SLA  also  promises 
99.99%  network  availability  and 
99.9%  packet  delivery  ■ 
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THIS  WEEK’S  QUESTION: 

What's  the  new  name  of 
remote-access  services 
vendor  Gric  Communi¬ 
cations? 


Stumped?  Get  the  answer  online. 

Visit  Network  World  Fusion  and  enter 
2349  in  the  Search  box. 
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We  Secure  the  Internet. 


“Check  Point  Express  brings 
enterprise-class  security  to 
the  mid-sized  company  at  a 
price  and  performance  level 
that  meets  their  needs!’ 


Charles  Kolodgy,  Research  Director, 
Security  Products,  IDC 
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Secure  your  business  with  Check  Point  Express. 

Your  business  deserves  the  best  security  solution  available  today:  Check  Point  Express"  Designed  for  companies  with 
100-500  employees,  Check  Point  Express  protects  your  business  with  the  same  superior  firewall  and  VPN 
technology  that  secures  97  of  the  Fortune  100.  Yet  it’s  priced  right  for  mid-size  businesses.  With  Check  Point  Express, 
you’ll  get  performance  you  can  always  rely  on,  and  security  you  don’t  have  to  worry  about.  Its  unique  features  include 
intelligent  network  and  application-level  protection.  And  its  intuitive  interface  simplifies  every  aspect  of  security 
management.  There  is  no  better  way  to  secure  your  critical  network  resources  and  connect  remote  users  and  sites. 
See  for  yourself.  Compare  Check  Point  Express  to  competing  offerings  at  www.checkpoint.com/compareexpress. 

Check  Point  Express  comes  pre-installed  on  appliances  from  Sun  and  Nokia 
and  runs  on  open  servers  from  Dell,  IBM,  and  other  leading  manufacturers. 


©  2004  Check  Point  Software  Technologies  Ltd.  All  rights  reserved.  Check  Point,  Check  Point  Express,  and  the  Check  Point  logo  are  trademarks  or  registered  trademarks  of  Check  Point  Software  Technologies  Ltd.  or  its  affiliates. 
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Fibre  Channel  storage  boxes  set  to  get  smarter 


C  \ 

Smart  storage 

A  variety  of  vendors  are  implementing  storage  applications  on  their  Fibre  Channel  switches. 


Vendor 

Product 

Applications 

Availability 

Brocade 

Silkworm  Multi¬ 
protocol  Router 

None  specified 

Router  shipping; 
applications  expected 
by  year-end 

Cisco 

MDS  9000  Series 
multi  layer  switch 

Virtualization  and  volume  management 

Shipping 

Maranti  Networks 

CoreStor 

Provisioning  and  storage-area 
management 

Shipping 

Maxxan 

MXV500 

Virtual  tape  library,  NAS  gateway,  back¬ 
up  and  recovery  software 

Expected  this  month 

McData 

Spherion  4700i 

Snapshot,  volume  management,  mirroring, 
data  migration,  replication 

Expected  to  ship  in  2005 

m  BY  DENI  CONNOR 

While  start-ups  such  as  Store- 
Age  and  Incipient  are  providing 
intelligent  applications  for  Fibre 
Channel  switches,  major  vendors 
such  as  Brocade  and  McData  are 
lagging  behind,  saying  applica¬ 
tions  they  are  developing  are  tak¬ 
ing  more  time  to  build  because 
they  are  bigger  and  more  compli¬ 
cated  to  design  than  those  that 
start-ups  provide. 

For  about  a  year  vendors  have 
been  promising  Fibre  Channel 
switches  that  run  applications 
such  as  replication  and  data 
migration.  Some,  such  as  Maranti 
Networks  and  Maxxan,  have 
shipped  products  of  their  own 
design.  Others,  such  as  Brocade 
and  McData,  are  still  only  promis¬ 
ing  delivery 

With  the  exception  of  products 
from  the  start-ups  and  Cisco,  stor¬ 
age  applications  such  as  virtual¬ 
ization  and  replication  run  on 
host  computers  or  arrays,  where 
they  don’t  have  the  ability  to  work 
with  all  multivendor  gear  and 
diverse  operating  systems. 

A  variety  of  announcements 
indicate,  however,  that  intelligent 
Fibre  Channel  switching  is  about 
to  expand: 

•  Maxxan  this  week  is  expected 
to  announce  its  second-genera¬ 


tion  MXV500  intelligent  storage- 
area  network  (SAN)  switch.  The 
MXV500  has  application  blades 
integrated  into  its  design  that  let  it 
perform  back-up  and  recovery 
applications  and  act  as  a  virtual 
tape  library  or  as  a  network- 
attached  storage  gateway  to  con¬ 
nect  Fibre  Channel  storage  to  an 
Ethernet  network. 

•  Brocade  announced  last 
week  that  its  Silkworm  multipro¬ 
tocol  router  is  now  available.  The 
router,  which  is  designed  to  run 
volume  and  data  management 
and  replication  applications,  is 
the  result  of  Brocades  acquisition 
of  Rhapsody  Networks  in  2002. 


When  Brocade  acquired  Rhap¬ 
sody,  it  promised  to  deliver  fabric- 
based  applications  by  the  end  of 
2003.  The  multiprotocol  router  is 
the  first  evidence  of  this  integra¬ 
tion.  Brocade  demonstrated 
assorted  applications  running  on 
its  multiprotocol  router  and 
expects  to  ship  applications  in 
the  second  half  of  this  year. 

•  EMC  last  week  talked  about  its 
upcoming  storage  router,  which 
will  move  data  between  storage 
arrays  from  different  vendors 
without  disrupting  operations. 
The  storage  router  will  consist  of 
EMC  software  that  runs  on  Bro¬ 
cade,  McData  and  Cisco  switches, 


and  a  separate  management  con¬ 
troller  that  resides  on  industry- 
standard  servers  to  virtualize  and 
migrate  disk  capacity  It  is  sched¬ 
uled  to  enter  beta  testing  this 
summer  and  be  available  the  first 
half  of  next  year. 

•  McData,  which  acquired  San- 
era  for  its  intelligent  switch  last 
year,  showed  off  StoreAge’s  vol¬ 
ume  management,  snapshot,  mir¬ 
roring,  data  replication  and  migra¬ 
tion  applications  running  on  its 
intelligent  switch  back  in  April. 
The  company  says  it  will  ship 
applications  on  the  Sphereon 
4700i  switch  in  the  second  half  of 
next  year. 


Observers  say  there  are  many 
reasons  why  major  switch  ven¬ 
dors  have  not  delivered  Fibre 
Channel-based  applications. 
Among  them  is  that  much  of 
Brocade’s  and  McData’s  business 
comes  from  OEM  deals  with  com¬ 
panies  such  as  HR1BM  and  EMC. 

“Do  you  seriously  think  EMC 
has  an  interest  in  selling  a  Mc¬ 
Data  switch  with  a  FalconStor  or 
Incipient  application,  especially 
when  that  combination  is  more 
than  likely  going  to  take  revenues 
away  from  EMC’s  Symmetrix  Re¬ 
mote  Data  Facility?”  says  Arun 
Taneja,  senior  analyst  for  the 
Taneja  Group. 

Jay  Kidd,  vice  president  of  prod¬ 
uct  marketing  for  Brocade,  says 
the  reason  for  Brocade’s  delay  in 
shipping  intelligent  applications 
is  that  the  type  of  applications  — 
enterprise-level  heterogeneous 
programs  —  it  wants  to  run  on  its 
switches  are  much  more  com¬ 
plex  to  develop  than  those  the 
start-ups  make. 

“To  get  these  products  to  work 
in  a  small  environment  is  fairly 
easy  but  no  one  had  figured  out 
how  to  get  them  to  work  in  an 
environment  that  has  2,500  [serv- 
er-to-storage]  connections  and 
spans  across  multiple  switches 
[in  enterprise-size  businesses],” 
Kidd  says.  ■ 


Juniper  set  to  tap  into  enterprise  routing 


There  for  the  taking 

With  its  J-Series  access  routers,  Juniper  will  attempt  to 
do  what  others  have  not:  become  a  viable  No.  2  to  Cisco. 

First-quarter  revenue  for  low-end  routers. 


Vendor 

Revenue 

%  Market 
share 

Average 
selling  price 

Cisco 

$336  million 

91.9% 

$1,689 

Adtran 

$2  million 

0.5% 

$601 

3Com 

$2  million 

0.5% 

$831 

Enterasys 

$2  million 

0.5% 

$1,270 

Others 

$24  million 

6.6% 

$907 

TOTALS 

$366  million 

100% 

$1,573 

SOURCE  OEIL'ORO  GROUP 


■  BY  JIM  DUFFY 

Juniper’s  introduction  this  week 
of  enterprise  branch  routers 
could  offer  users  a  strong  alterna¬ 
tive  to  Cisco. 

At  initial  release  the  routers 
will  run  a  version  of  the  modular 
Junos  operating  system,  which 
Juniper  says  is  in  demand  from 
corporations  looking  for  airtight 
transmission  of  IP  telephony 
and  video,  and  real-time  busi¬ 
ness  applications  such  as  Oracle 
or  SAP 

The  market  is  ripe  for  Juniper’s 
new  J-Series  routers,  the  7-year-old 
company’s  first  internally  devel¬ 
oped  products  specifically  for 
corporations,  according  to  ana¬ 
lysts.  That’s  because  no  one  has 
been  able  to  dent  Cisco’s  domi¬ 
nant  market  share  the  way 
Juniper  has  in  carrier  routing. 

“There’s  clearly  an  opportunity 
for  somebody  to  step  up  and  be 
the  No.  2  vendor,"  says  Zeus 


Kerravala,  an  analyst  at  The 
Yankee  Group. 

One  challenge,  however,  is  that 
access  routers  are  much  more 
price  sensitive  than  the  high-tick¬ 
et  core  routers  Juniper  sells. 

“It’s  bad  news  for  anybody 


whose  business  model  isn’t  ori¬ 
ented  toward  providing  low-cost 
commodity  products,”  says  Mich¬ 
ael  Kennedy  principal  and  co¬ 
founder  of  Network  Strategy  P&rt- 
ners.To  be  successful,  Juniper  has 
to  change  its  business  model.” 


Juniper  has  this  licked,  accord¬ 
ing  to  Jim  Dolce,  executive  vice 
president  of  worldwide  field 
operations. 

“The  distribution  channel  that 
we’ve  brought  on  with  the  acqui¬ 
sition  of  NetScreen  is  well  suited 
for  this  product,”  he  says,  referring 
to  the  400  resellers  Juniper  inher¬ 
ited  from  its  $4  billion  acquisition 
of  security  power  NetScreen 
Technologies  early  this  year. 

Juniper  is  entering  the  low-end 
market  as  it  is  heating  up. This  seg¬ 
ment  recorded  the  largest  sequen¬ 
tial  revenue  increase  of  all  router 
segments  during  the  first  quarter, 
according  to  Dell’Oro  Group. 

Sales  this  year  are  expected  to 
rise  6%  from  2003,  reversing  the 
trend  of  the  previous  three  years, 
Dell’Oro  notes.  And  even  though 
they  have  not  been  able  to  affect 
Cisco,  a  number  of  vendors  have 
entered  the  market  over  the  past 
five  quarters. 

Now  it’s  Junipers  turn  with  the 


J-Series.  The  routers  have  three 
models:  the  2300, 4300  and  6300. 

The  2300  is  an  8M  bit/sec  device 
with  two  WAN  ports.The  4300  is  a 
16M  bit/sec  router  with  six  WAN 
ports;  and  the  6300  is  a  90M 
bit/sec  device  also  with  six  WAN 
ports.  All  have  two  Fast  Ethernet 
ports  and  will  be  priced  at  less 
than  $2,000,  as  are  Cisco’s.  ■ 


More  online! 


Network  World's  Technology  Tour  on  Remote 
Office  Networking  helps  net  professionals 
meet  the  business  demands  of  branch 
offices,  telecommuters  and  road  warriors. 
Sign  up  to  attend  in  a  city  near  you. 
DocFinder:  1949 


The  Intel®  Itanium®  2  processor. 
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A  wide  range  of  standards-based  solutions. 
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L  router  on  tap  from  Sarvega 


M  BY  JOHN  FONTANA 

Sarvega  next  week  is  expected  to  introduce  an  XML 
router  designed  for  a  WAN,  an  appliance  that  could  make 
it  easier  for  companies  to  integrate  Web  services  across 
multiple  partner  networks. 

Sarvega’s  XML  Context  Router  is  a  gigabit-speed  router 
that  operates  at  Layer  7  as  opposed  to  Layer  3  of  tradi¬ 
tional  routers.  The  router  is  designed  to  integrate  with 
specialized  XML  security  and  acceleration  technology 
that  Sarvega  also  develops  as  does  its  competitors 
DataPower,  Forum  Systems,  Reactivity  and  Westbridge 
Technology. 

XML  Context  Router  is  designed  to  support  the  concept 
of  “loosely  coupled"  components  inherent  in  Web  services. 
Loosely  coupled  means  that  various  Web  services  compo¬ 
nents  or  applications  can  be  integrated  on  the  fly  without 
having  to  be  hard-coded  as  part  of  a  single  application. 
Today  that  loose  coupling  can  be  difficult  to  do  over  the 
firewall  and  among  partner  networks.  Most  companies  re¬ 
sort  to  building  point-to-point  connections  when  they  inte¬ 
grate  Web  services  with  various  partners. 


“As  XML  eats  up  more  and  more  bandwidth, XML  Context 
wants  to  control  that  traffic,” says  Ron  Schmelzer.an  analyst 
with  ZapThink.ZapThink  predicts  that  35%  of  network  traf¬ 
fic  in  2007  will  be  XML-based. 

XML  Context  Router  comes  amid  a  wave  of  new  network- 
based  XML  hardware  for  XML  processing  and  security  from 
DataPower,  Tarari  and  Conformative  Systems.  Those  com¬ 
panies  provide  capabilities  within  dedicated  silicon,  and 
Sarvega  and  others  use  software  embedded  in  an  appli¬ 
ance.  Sarvega  is  the  first  to  offer  a  dedicated  appliance  for 
routing,  but  companies  such  as  Digital  Evolution,  with  its 
Service  Manager,  include  routing  features  in  software  that 
installs  on  standard  servers. 

Sarvega’s  router  appliance,  however,  is  targeted  at  corpo¬ 
rate  network  architects  and  can  be  seen  as  a  layer  on  top 
of  existing  IP-based  network  routing,  company  officials  say 

“This  router  takes  care  of  application  level  quality-of-ser- 
vice,  and  the  underlying  IP-routers  do  packet  QoS,”  says 
Chris  Darby,  CEO  of  Sarvega. 

Experts  say  while  routing  will  become  a  critical  part  of 
Web  services  performance  that  XML  routers  differ  signifi¬ 
cantly  from  traditional  routers  because  there  are  no  stan¬ 


dards  such  as  Open  Shortest  Path  First  (OSPF).That  means 
creating  an  XML  routing  infrastructure  is  a  single  vendor 
proposition. 

“These  routers  now  address  the  same  middleware 
issues  as  enterprise  service  bus  and  integration-broker 
technology”  says  James  Kobielus,  an  analyst  with  Burton 
Group.'Tt’s  like  a  switchboard  for  multi-point  integration 
of  Web  services.” 

XML  Context  Router  controls  where  XML  messages  are 
delivered  and  supports  a  publish-and-subscribe  model  that 
offers  asynchronous,  or  reliable,  messaging,  which  ensures 
messages  are  delivered.The  router  supports  emerging  stan¬ 
dards  such  as  ebXML  Message  Service,  WS-Eventing,  WS- 
Notification  and  WS-ReliableMessaging. 

XML  Context  Router  supports  the  World  Wide  Web  Con¬ 
sortiums  XPath  2.0  standard,  which  is  a  mechanism  for  ref¬ 
erencing  information  within  an  XML  document.  XPath  2.0 
is  the  foundation  for  creating  routing  tables  in  XML  Context 
Router  and  supports  content-aware  routing,  Sarvega  says. 
The  router  supports  gigabit  PCI  and  PCI-X  hardware  to 
function  at  wire  speed. 

XML  Context  Router  is  priced  at  $45,000  per  appliance. ■ 


Fathers 

continued  from  page  1 

those  in  the  computer  and  network  indus¬ 
tries  who  have  become  known  as  technol¬ 
ogy  fathers. 

Some  you  have  undoubtedly  heard  of. 
The  father  of  the  World  Wide  Web, Tim 
Berners-Lee,  recently  was  knighted  by  the 
Queen  of  England.  Sir  Timothy  is  working 
on  his  second  child  —  the  Semantic  Web. 

Some  you  probably  haven’t.The  father  of 
Multi-protocol  Label  Switching  is  Cisco’s 
Yakov  Rekhter. 

Then  there’s  Gary  Thuerk,  the  father  of 
spam. 

As  a  Digital  Equipment  sales  representa¬ 
tive  in  1978,  he  sent  out  a  sales  pitch  to 
several  hundred  names  on  an  early 
ARPANet  mailing  list.Thuerk  says  he  sold 
$10  million  worth  of  Digital  gear  as  a  result 
of  the  mailing  but  the  federal  agency  run¬ 
ning  ARPANet  threatened  to  “throw  me  in 
jail”  if  there  was  ever  a  repeat. 

The  father  of  unsolicited  bulk  e-mail 
continued  his  career  at  Digital  and  now 
HRbut  became  something  of  a  deadbeat 
dad  when  it  came  to  his  demon  spawn. 
Then  a  couple  of  years  ago,  a  trade  publi¬ 
cation  wrote  about  the  origins  of  spam, 
mentioned  Thuerk  and  his  paternal 
instincts  kicked  in. 

These  days  Thuerk  is  basking  in  the 
notoriety.  He  does  interviews  and  can  be 
spotted  at  the  HP  booth  at  various  trade 
shows  handing  out  autographed  pictures, 
and  occasionally  people  ask  him  to  pose 
with  them  for  a  photo.’T  was  the  first  one 
to  do  it,  and  I’m  proud  of  it,”  he  says.  Of 
course, Thuerk  isn’t  unaware  that  most 
people  don’t  like  spam  —  he  made  us 
promise  not  to  print  his  e-mail  address. 

When  it  comes  to  identi¬ 
fying  the  father  of  the 
Internet, Vint  Cerf’s  name 
(not  A1  Gore’s)  pops  up 


most  often,  but  Cerf  graciously  shares  the 
credit. “It  is  a  misnomer  to  name  any  one 
person  the  father  of  the  Internet  —  in 
truth  it  has  had  the  benefit  of  many  par¬ 
ents”  dating  to  the  ARPANet  project  in  the 
1960s. 

He  adds, “Bob  Kahn  and  I  did  the  basic 
work  defining  the  Internet  architecture 
and  its  fundamental  protocols,  now  called 
TCP/IP  So  I  do  not  think  of  myself  as  THE 
father  of  the  Internet  but  it  is  fair  to  say 
that  I  am  one  of  them.”  Cerf  now  is  working 
with  NASA  on  the  interplanetary  Internet. 

Xerox  Parc  alumnus  Alan  Kay  is  often 
referred  to  as  the  father  of  the  PC  and  the 
father  of  object-oriented  programming. 
Kay  also  graciously  shares  parentage  with 
his  co-workers  Bob  Taylor,  Butler  Lampson 
and  Chuck  Thacker. “I’ve  sometimes 
thought  of  myself  as  the  ‘midwife’  of  per¬ 
sonal  computing,  trying  to  birth  the  babjf 
Kay  says. 

He  also  credits  Doug  Engelbart’s  NLS 
system  as  one  of  the  first  you  could  call  a 
“personal  computing  system,”  although  it 
was  implemented  on  a  time-sharing 
mainframe. 

Speaking  of  Engelbart,you  might  know 
him  as  the  father  of  the  mouse.  But  he  is 
also  credited  with  a  number  of  other  inno¬ 
vations,  including  early  hypertext.  A  two- 
way  videoconference  he  set  up  in  1968 
with  staffers  is  sometimes  referred  to  as 
the  “mother  of  all  demos.”  He  was  at  one 
end  and  the  staffers  were  31  miles  away 

Like  Engelbart,  David  Bradley  is  a  seri¬ 
ous  scientist  who  is  best  known  for  a  rela¬ 
tively  modest  invention  that  he  came  up 
with  early  in  his  career  at  IBM.  Bradley  is 
the  father  of  Control-Alt-Delete  (also 
known  as  the  three-fingered  salute),  which 
he  invented  as  a  way  to  shut  down  a  PC. 

He  chose  Control-Alt  on 
one  side  of  the  keyboard 
and  Delete  on  the  other 
side  so  people  wouldn’t 
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lame  that  father 

Can  you  match  these  technology 
dads  with  their  inventions? 


Inventor 


1.  Vic  Hayes  2.  Rouzbeh 
Yassini 


4.  Ken  5.  Seymour 

Thompson  Cray 


3.  Marty 
Cooper 


6.  Bob 
Metcalfe 
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7.  Edgar  8.  Marc 

Codd  Andreessen  Gross 


9.  Al 


Technology 

A.  Relational 
database 

B.  Supercomputer 

C.  Cable  modem 

D.  Ethernet 

E.  Walkie-talkie 


F.  Browser 

G.  Portable  cell 
phone 

H.  Unix 

I.  Wi-Fi 
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accidentally  turn  off  their  machines  if 
they  hit  a  wrong  key  or  two. 

At  a  gathering  on  the  20th  anniversary  of 
the  IBM  PC,  while  sitting  next  to  Bill  Gates, 
Bradley  said,“l  may  have  invented  Control- 
Alt-Delete,  but  Bill  Gates  made  it  really 
famous.” 

Many  industry  fathers  tend  to  shy  away 
from  the  spotlight.  Stanford  professor  John 
Cioffi,  the  father  of  DSL, says, “That  ‘father’ 


name  is  often  applied  to  me  by  others,  but 
I’ve  never  used  it  myself.” 

Ian  Foster,  the  father  of  grid  computing, 
takes  a  similar  tack.'T  find  the  term  ‘gridfa- 
ther’ embarrassing,  and  I  never  use  it,”  he 
writes. 

Others  fight  for  what  they  see  as  their 
rightful  place  in  history.  Brent  Townshend 
is  the  father  of  the  56K  bit/sec  modem 
and  has  filed  multiple  lawsuits  to  establish 
paternity 

Bill  Inmon  has  made  a  career  out  of 
being  father  of  the  data  warehouse.  He 
coined  the  term,  wrote  the  first  book 
and  ran  the  first  conference  on  data 
warehousing. 

Sometimes  corporate  marketing  mach¬ 
ines  get  ahead  of  the  game.  We  met  re¬ 
cently  with  WebCohort  CEO  and  co-found¬ 
er  of  Check  Point  Shlomo  Kramer,  who  was 
dubbed  father  of  the  firewall  in  some  press 
materials.  He  looked  somewhat  sheepish 
as  he  recalled  that  he  wrote  the  code  for 
FireWall-1  sitting  at  the  kitchen  table  in  his 
grandmother’s  apartment  in  Israel. 

Other  times  the  inventors  get  ahead  of 
the  corporate  marketing  machines.  If  you 
look  at  Apple  employee  Tony  Fadell’s  Web 
site,  it’s  clear  he  considers  himself  father  of 
the  iPod.  But  Apple  doesn’t  let  Fadell 
speak  to  the  press,  and  an  Apple  spokes¬ 
man  told  us  emphatically“Tony  Fadell  is 
not  the  father  of  the  iPod.”The  PR  people 
seem  to  have  the  upper  hand  —  in  a 
recent  Newsweek  story,  Steve  Jobs  was 
described  as  “the  man  behind  the  iFbd.” 

You  wouldn’t  think  there  could  be  any 
dispute  over  the  fact  that  Linus Torvalds  is 
the  father  of  Linux.  But  you’d  be  wrong. 
The  Microsoft-sponsored  Alexis  deToque- 
ville  Institution  recently  published  a  paper 
questioning  Torvalds’  parentage. 

To  which  Torvalds  responded:“OK,  I 
admit  it.  I  was  just  a  frontman  for  the  real 
fathers  of  Linux,  the  Tooth  Fairy  and  Santa 
Claus.”  ■ 
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HP  ProCurve  Networking  delivers 
what  businesses  demand. 

That’s  why  more  and  more  businesses 
demand  HP  ProCurve  Networking. 


HP  ProCurve  holds  the  number  2  position  in  the  market*  And  that’s  because  we  give  businesses  what 
they  need:  Secure,  mobile,  multiservice  networks  that  are  as  affordable  as  they  are  performance 
driven.  Standards-based  solutions  that  reduce  complexity  and  provide  scalable  growth.  A  lifetime 
warranty**  software  updates,  phone  and  Web  support.  All  with  the  level  of  reliability  people  have 
come  to  expect  from  HR  When  businesses  demand  more,  HP  ProCurve  delivers. 


IP  ProCurve  Networking  is  number  2  in  port  shipments  for  2003  among  all  tracked  competitors  in  North  America.  Europe,  the  Middle  East  and  Africa  according  to 
lell'Oro  Group's  Q4  '03  Ethernet  Switch  Report.  **For  as  long  as  you  own  the  product  (available  in  most  countries).  ©2004  Hewlett-Packard  Development  Company,  LR 
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continued  from  page  1 

to  the  campus  LAN  they  intro¬ 
duced  the  Blaster  congestion,” 
says  Arthur  Brant,  network  admin¬ 
istrator  at  the  university,  which  has 
6,000  students  and  faculty  on  its 
network.  “Prior  to  this  event,  our 
mentality  was  that  the  untrusted 
portion  was  outside  on  the  Inter¬ 
net.  But  we  realized  what  we 
needed  to  do  was  to  protect  our¬ 
selves  from  the  students  and  the 
students  from  themselves.” 

With  no  way  to  enforce  software 
patch  updates  —  worms  typically 
infiltrate  desktops  and  servers 
through  unpatched  vulnerabili¬ 
ties  —  Abilene  Christian  em¬ 
ployed  an  approach  that  calls  for 
its  campus  LAN  switches  to  play  a 
more  prominent  security  role. 

The  university’s  Alcatel  Omni- 
Switch  6600  switches  now  are  set 
up  to  stop  students  deemed  to 
have  infected  PCs  from  gaining 
full  access  to  the  campus  LAN 
until  they  remedy  their  comput¬ 
ers’  problems. 

This  is  being  done  by  sharing 
with  the  Alcatel  OmniVista  switch 
management  console  the  intru¬ 
sion-detection  alerts  about 
worms  that  the  university’s  Snort- 
based  network  sensors  generate. 

The  university  deployed  the  sen¬ 
sors  inside  the  campus  network 
to  watch  for  signs  of  worm  attacks 
—  such  as  a  computer  “spewing 
out  port  scans,”  Brant  says  —  to 
identify  the  source  and  alert  the 
Alcatel  OmniSwitch  manage¬ 
ment  console  of  the  worm  out¬ 
break.  OmniVista  is  set  up  to  auto¬ 
matically  quarantine  the  infected 
machine  by  isolating  it  on  a  spe¬ 
cial  virtual  LAN  (VLAN). 

“Once  a  student  is  kicked  over 
to  the  quarantine  VLAN,  there’s  a 
secondary  server  that  says, ‘you’ve 
been  quarantined.’  It  offers  anti¬ 
virus  or  virus-removal  tools  as  an 
option  for  remediation,  as  well  as 
a  contact  to  call  in  the  IT  depart¬ 
ment  for  help,”  Brant  says. 

Alcatel’s  Jean-Luc  Ronarch,  di¬ 
rector  of  security  strategy,  says  the 
company  next  month  formally 
will  introduce  the  quarantine 
capability  that  Abilene  Christian 
is  beta-testing.  General  availability 
in  the  OmniVista  management 
console  is  expected  later  this  fall. 
He  says  it  will  require  no  changes 
in  Alcatel  switches  themselves. 

“What  we’re  doing  is  creating  a 
link  between  intrusion  detection 
and  the  VLAN  to  bridge  them 
together’’  Ronarch  says. 

Tom  Burns,  senior  vice  presi¬ 
dent  and  general  manager  of 
Alcatel’s  infrastructure  business, 
says  Alcatel  expects  to  detail  this 


summer  how  its  switches  also  can 
take  on  more  policy-enforcement 
policing  activities  through  interac¬ 
tion  with  VPNs  and  firewalls. 

Last  month  at  NetWorld+ 
Interop,  Alcatel  demonstrated 
how  Sygate  policy-enforcement 
software  could  be  used  to  vali¬ 
date  whether  a  user’s  computer 
had  the  appropriate  anti-virus 
and  firewall. The  Sygate  desktop 
agent  could  share  that  informa¬ 
tion  with  OmniVista  for  the  pur¬ 
poses  of  network  quarantine. 
Though  not  yet  generally  avail¬ 
able,  Alcatel  says  it  hopes  to  add 
interaction  with  Sygate’s  soft¬ 
ware  for  quarantine  as  well. 

Customers  say  they’re  inclined 
to  prefer  switches  that  can  help 
them  in  their  security  tasks. 

“When  you  buy  and  build  infra¬ 
structure,  it’s  not  just  about  speeds 
and  feeds  anymore,”  says  Vincent 
Cattone,  vice  president  and  direc¬ 
tor  of  infrastructure  financial  ser¬ 
vices  firm  Eaton  Vance  in  Boston. 

Eaton  Vance  has  deployed  12 


Enterasys  Matrix  switches  and 
wants  them  to  play  a  bigger  role 
in  helping  the  firm  comply  with 
regulatory  demands  such  as 
Sarbanes-Oxley  One  new  Entera¬ 
sys  switch-management  product 
module,  called  the  NetSight  Atlas 
Automated  Security  Manager 
(ASM),  will  provide  a  way  for 
Eaton  Vance  IDSs  to  process 
alerts  at  a  Matrix  management 
console  and,  as  an  option,  auto¬ 
matically  instruct  a  Matrix  switch 
to  shut  down  ports  or  other 
actions. 

Eaton  Vance  has  tested  ASM  in  a 
lab  and  soon  will  put  it  into  pro¬ 
duction  use.  Although  Cattone  is 
not  ready  to  automate  across  the 
board,  he  says  there  are  circum¬ 
stances  —  such  as  when  a  worm 
attack  begins  at  2  a.m. —  in  which 
he  would  automate  the  process 
to  shut  down  ports  until  IT  staff 
could  get  a  handle  on  the  prob¬ 
lem.  He  sees  most  major  switch 
vendors  moving  toward  a  greater 
integration  of  security  capabili¬ 
ties.  “The  whole  industry  is  going 
this  wa^’  he  says. 

The  Enterasys  ASM  also  can  iso¬ 
late  a  worm-infected  machine 
into  a  VLAN  using  the  Enterasys 
Dragon  IDS,  says  Bill  Clark,  the 


switch  vendor’s  senior  director  of 
product  management.  Enterasys 
later  this  month  expects  to  detail 
an  expansion  of  its  policy-based 
quarantine  methodology  by  also 
showing  how  ASM  can  make  use 
of  information  from  vulnerability- 
assessment  tools  and  anti-virus 
policy  enforcement  software  to 
quarantine  users  that  violate 
security  policies. 

Cisco,  which  already  offers 
intrusion-detection  and  firewall 
modules  for  its  Catalyst  switch 
line,  expects  to  add  the  capability 
for  switches  and  routers  to  detect 
and  block  distributed  DoS  attacks 
later  this  summer  that  would  be 
based  on  technology  gained 
through  acquisition  of  Riverhead 
Networks. 

In  addition,  by  working  with 
Trend  Micro,  Cisco  plans  to  add 
the  ability  to  block  worms  direct¬ 
ly  through  Catalyst  switches  in 
the  fall. 

Cisco  also  is  working  with  anti¬ 
virus  vendors  Network  Associates, 


Symantec  and  Trend  Micro  to 
include  a  way  to  quarantine  users 
who  don’t  have  the  required  anti¬ 
virus  or  patch  updates,  in  way  sim¬ 
ilar  to  Alcatel’s  approach. 

The  first  fruits  of  that  effort, 
called  Cisco’s  Network  Admission 
Control  program,  are  expected 
next  month.  Customers  say  it’s 
important  for  Cisco  to  plot  out 
this  kind  of  road  map  for  its 
switches. 

“It  really  matters  to  us,”  says  Dan 
Maloney  assistant  director  for  net¬ 
work  services,  infrastructure  and 
clinical  engineering  at  hospital 
system  Baystate  Health  System  in 
Springfield,  Mass. 

Baystate  uses  the  Cisco  6513 
switch  with  the  IDS  capability  at 
its  core.  Any  added  security-pre¬ 
vention  benefits  that  Cisco  can 
integrate  into  its  switches  is  wel¬ 
come,  Maloney  says.  He  says  he 
now  expects  switches  to  provide 
security  functions  and  how  they 
do  that  will  influence  his  buying 
decisions. 

Sometimes  switches  gain  fans 
simply  because  they  make  securi¬ 
ty  chores  easier. 

Siemens  Medical  Systems  in 
Malvern,  Pa.,  maintains  a  WAN 
with  about  100  Ethernet  switch¬ 


es,  all  in  the  Cisco  Catalyst 
series,  and  dozens  of  applica¬ 
tions  for  use  by  customers.  The 
company’s  IT  department  last 
year  began  monitoring  network 
quality  and  application  use  by 
plugging  in  the  Network 
Associates  Distributed  Sniffer 
appliance  at  various  switches. 

William  Griswold,  network 
manager  at  the  medical  equip¬ 
ment  manufacturer,  says  his 
company  added  the  Apcon  144- 
port  IntellaPatch  cross-connect 
switch  in  its  data  center  because 
it  makes  the  network  sniffing 
process  much  easier. 

“I  had  to  dedicate  a  Sniffer  to 
each  of  the  18  Cisco  Systems 
6500  Series  Layer  3  series  switch¬ 
es  by  hard-wiring  them  to  the 
chassis  to  do  the  data  capture,” 
Griswold  says.  He  saw  he  was 
faced  with  buying  more 
Distributed  Sniffer  appliances  for 
80  other  Cisco  switches,  includ¬ 
ing  the  Catalyst  1900,  2000,  3000 
and  4000  series. 

Instead  of  buying  more  Sniffer 
appliances,  Griswold  purchased 
the  Apcon  switch,  into  which  he 
plugged  the  monitor  interface  of 
Distributed  Sniffer  early  this  year. 
The  switch  can  mirror  data  com¬ 
ing  in  and  out  of  one  Cisco  span 
port  to  another  so  Siemens  can 
capture  the  needed  Sniffer  data 
across  the  80  Cisco  switches 
through  Apcon.  “[The  Apcon 
switch]  dramatically  increased 
our  ability  to  support  this  net¬ 
work,”  he  says. 

Apcon  says  other  types  of  net¬ 
work  analysis  equipment,  such 
as  the  Fluke  OptiView  Work¬ 
group  Analyzer,  can  work  similar¬ 
ly  using  IntellaPatch. 

Third-party  vendors  also  are 
getting  on  the  switch-and-secur- 
ity  bandwagon. 

Set  to  be  announced  this  week, 
Arbor  Networks’  third  version  of 
its  PeakFlowX  appliance  for 
monitoring  and  analyzing  traffic 
flows  will  be  capable  of  blocking 
unwanted  traffic  by  directly 
instructing  Cisco  Catalyst  6 
switches  what  steps  to  take  to 
limit  network  services  for  desk¬ 
top  users,  servers  and  printers. 

This  type  of  blocking  is  based 
on  IP  address  and  ports.lt  would 
be  used  at  the  start  of  a  worm 
outbreak  or  DoS  attack,  or  when 
other  threats  are  spotted,  says 
Rob  Malan,  Arbor’s  CTO.  Some 
blocking  rules  also  could  be 
applied  after  a  major  vulnerabili¬ 
ty  is  made  public  before  a  worm 
exploit  appears.  ■ 
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a  Saturday 
morning 

_  in  late 

2001,  IT  workers  at  The  Seattle 
Times  were  busy  moving  a  news 
bureau  to  a  new  location  when 
disaster  struck:  They  dropped 
the  PBX. 

“It  crashed  and  burned,  and  we 
had  no  replacement,”  says  Thomas 
Dunkerley,  IT  communications  man¬ 
ager  for  the  company 

Dunkerleys  group,  however,  was  con¬ 
currently  installing  a  new  IP  PBX  at  its 
headquarters, and  a  light  bulb  went  off. 

The  company  already  had  a  T-l  line 
from  headquarters  to  the  new 
bureau  site.“We  looked  at  the  T-l, 
looked  at  the  new  voice-over-IP 
system  and  thought,  isn’t  this 
what  VoIP  is  supposed  to  do?” 

Dunkerley  says. 

Within  four  hours  his  crew 
had  installed  a  router,  a  DSU 
and  an  Ethernet  switch  in  the 
bureau  and  hooked  up  the  other 
end  to  the  IP  PBX.“We  had  full  phone 
connectivity  to  the  office  at  virtually  no 
cost,”  he  says. 

On  Monday  morning,  Dunkerley  sat  in  his  office,  waiting 
for  the  inevitable  phone  calls  from  bureau  users,  wondering 
how  to  deal  with  the  new  phones  on  their  desks.  The  calls 
never  came.  He  called  the  office  manager,  who  said  everyone 
was  getting  along  just  fine. The  manager  declined  Dunkerleys 
offer  of  user  training  —  no  need,  as  the  phones  were  quite 
intuitive.“ln  two-and-a-half  years,  no  one  has  ever  asked  us  for 
user  training.” 

“That  incident  alone,  if  we  look  at  the  downtime  that  office 


would  have  suffered,  probably  paid  for  the 
VoIP  installation,”  he  says,  noting  it 
would’ve  taken  a  week  and  a  half  at  best 
to  get  a  new  PBX  installed. 

Finding  the  ROI 

Extending  phone  services  to  new  loca¬ 
tions  is  one  of  the  biggest  returns  that  users 
report  on  their  IP  telephony  investments  — 
even  when  they  don’t  drop  a  PBX  in  the  pro¬ 
cess.  Other  ROI  gains  include  savings  from 
simplified  moves,  adds  and  changes,  lower 
cabling  costs, toll  bypass  and, as  Dunkerleys 
experience  illustrates,  reduced  end-user 
support  expenses.  Savings  can  be  had 
on  the  end-user  side,  too,  although 
they  generally  stem  from 
improved  productivity  and 
thus  can  be  difficult  to 
accurately  document. 

Small  and  midsize  busi¬ 
nesses  generally  will  have 
an  easier  time  making  the 
ROI  case  because  they  are 
less  likely  to  have  numerous 
PBXs  that  need  amortizing 
before  making  the  switch  to  IP 
voice.  And  the  savings  they  can  get  from 
reduced  WAN  voice  charges  are  likely  to  be  pro¬ 
portionately  more  than  for  larger  companies,  which  can  al¬ 
ready  drive  such  hard  bargains  on  voice  services  that  any  sav¬ 
ings  from  VoIP  are  negligible. 

Savings  from  reduced  moves,  adds  and  changes  is  probably 
the  benefit  touted  most  loudly  —  with  good  reason,  according 
to  Johna  Till  Johnson,  president  of  Nemertes  Research  and  a 
Network  World  columnist.  A  Nemertes  survey  of  100  companies 
with  average  IT  budgets  of  $10  million  or  more  shows  that 
employees  move  an  average  of  .87  times  per  year  —  or  almost 
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Counting  tip 
the  benefits 

Top  benefits  of  IP  telephony 
deployments  realized  by 
respondents  to  a  Sage 
Research  survey 


Realized  benefit 


Percentage  of 
respondents 
receiving  the 
benefit 


Average  benefit 
experienced 


IT  benefits: 

Time  saved  in  moves,  adds 
and  changes. 

72% 

1.5  hours  per  move 

Time  saved  in  opening  new 
office. 

55% 

3.8  weeks  per  new 
office 

IT  staff  time  saved  as  end 
users  can  use  telephony 
features  without  help. 

43% 

5.5  hrs.  /  week  /  IT 
employee  involved 
with  phone  support 

Time  saved  from  eliminating 

IT  travel. 

42% 

13  hours/month/IT 
employee,  or  19 
days  per  year 

Non-IT  benefits: 

Easier  moves,  adds  and 
changes  lets  employees  move 
workspaces  more  often. 

71% 

3  more  moves  per 
year 

Time  savings  from  features 
such  as  presence,  follow-me 
features  and  advanced  voice 
mail. 

50% 

3.9  hours/week/ 
employee,  or  25 
days  per  year 

Time  savings  by  extending  all 
system  features  to  remote 
office  employees. 

48% 

4.3  hours/remote 
office  employee/ 
week,  or  28  days 
per  year 

Time  savings  by  extending  all 
system  features  to 
telecommuters. 

47% 

5  hours  per  week, 
or  33  days  per  year 

once  every  year  —  at  a 
cost  of  $100  per  move. 

For  a  company  with 
1,200  employees,  that 
amounts  to  $104,400  in 
annual  costs  that  literally 
go  away  with  IP  teleph¬ 
ony  because  users  can 
move  their  own  phones. 

In  a  similar  survey  of 
100  IP  telephony  users, 

Sage  Research  found  the 
ability  to  easily  change 
location  benefited  not 
only  IT  departments,  but 
also  end  users.  IP  teleph¬ 
ony  makes  it  easy  for 
companies  to  pull  team 
members  together  for 
the  duration  of  a  project 
and  then  relocate  them 
for  the  next  project.  In 
fact,  71%  of  respondents 
to  the  Sage  survey  said  IP 
telephony  let  employees 
relocate  more  frequently 
—  an  average  of  three 
additional  moves  per 
year  (see  graphic). “The 
degree  to  which  people 
are  mobile  within  the 
building  is  astounding,” 
says  Kathryn  Korostoff, 
president  of  Sage. 

Dunkerley  says  he  saves 
“days  per  move."  The 
actual  time  spent  on  a 
move  typically  is  spread 
out  over  several  days, 
from  the  time  the  initial 
request  is  made  to  when 
the  technician  actually 
fulfills  it.  He  figures  each 
move  costs  between  $90 
and  $120  and  that  25%  of 
the  employees  in  his 
company  move  each  year,  for  about  250 
moves  per  year,  which  saves  him  $22,500 
to  $30,000  per  year. 

The  greenfield  difference 

Aaron  Branham,  vice  president  of 
operations  for  Monster  Worldwide  in 
Maynard,  Mass.,  which  owns  the 
Monster,  com  recruitment  Web  site,  says 
he’s  seen  similar  benefits  from  moves, 
adds  and  changes  at  a  new  location  in 
Australia  that  was  outfitted  with  IP 
telephony  gear. 

Because  the  Australian  site  was  new, 
with  no  incumbent  PBX  to  replace,  it 


was  easy  to  make  the  case  for  VoIP  “The 
price  points  are  there, as  well  as  the  reli¬ 
ability,  ease  of  setup  and  the  ability  to 
move  people  around,”  Branham  says. 
By  installing  all  Cisco  IP  telephony 
equipment  the  company  cut  in  half  the 
amount  of  cabling  it  needed.  Most  of  its 
IP  phones  have  two  ports  —  one  to 
connect  to  the  network,  the  other  to  a 
PC,  so  you  could  get  by  with  just  one 
cable  drop  in  each  cube.“But  most  peo¬ 
ple  put  in  two,”  he  says,  “because  you 
never  know.” 

It’s  far  more  difficult  to  make  the  case 
for  VoIP  in  offices  that  already  have 


PBXs.  Monster  has  grown 
in  part  through  acquisi¬ 
tions,  so  it  has  PBXs  from 
multiple  vendors. 

“The  PBX  vendors 
don’t  want  you  to  use 
another  provider  so  they 
are  very  aggressive  on 
the  pricing,  which  makes 
it  difficult  to  standardize 
on  a  single  vendor’s  VoIP 
implementation,” 
Branham  says. 

He  is  speaking  from 
experience  because 
Monster  has  two  more 
VoIP  implementations, 
including  a  beta  ver¬ 
sion  of  a  Nortel  IP  PBX 
that  serves  an  IT  devel¬ 
opment  group  split  be¬ 
tween  Maynard  and 
Prague  in  the  Czech 
Republic,  and  an  Avaya 
IP  PBX  that  supports 
call  centers  in  Maynard 
and  Indianapolis.  The 
two  can  communicate 
with  each  other,  but 
“the  interoperability  be¬ 
tween  the  two  is  a  pri¬ 
vate  ISDN  link,  not  VoIP,” 
he  says.  “And  that’s  not 
uncommon.  You  get 
converted  to  the  PSTN 
as  your  lowest  common 
denominator.” 

Further  complicating 
the  effort  to  standardize 
on  one  VoIP  implemen¬ 
tation  is  the  need  to  fully 
depreciate  PBXs,  which 
often  are  capitalized 
over  10  years. 

“It  depends  on  where 
you  are  in  the  life  cycle. 
Sometimes  you’re  go(ng  to  have  to  wait 
five  or  six  years  before  you  can  even  start 
trying  to  make  a  case  to  swap  it  out,” 
Branham  says. 

Mining  voice  savings 

Another  development  that’s  making  it 
more  difficult  to  justify  VoIP  is  that  voice 
service  costs  have  been  dropping  con¬ 
sistently  for  several  years.  At  one  time 
companies  envisioned  using  VoIP  for  off- 
net  calls  by  routing  them  to  network 
edge  points  close  to  destinations  and 
then  dumping  them  into  the  PSTN.  “We 
looked  at  that  but  just  couldn't  make  the 


numbers  work,”  Branham  says.  “When 
people  started  a  few  years  ago,  voice  was 
5,7  or  10  cents  per  minute.  Now  it’s  down 
to  a  penny  or  two.” 

There  are,  of  course,  exceptions  to  the 
rule,  namely  for  smaller  businesses  that 
can’t  get  bargain-basement  voice  rates. 
BeyondSoft,  a  software  service  provider 
in  Beijing,  uses  a  VoIP  appliance  from 
Zultys  Technologies  in  its  headquarters 
for  internal  communications,  mainly 
among  project  managers  and  technical 
personnel,  says  Roger  Zhang,  technical 
director  for  the  firm.  His  plan  is  to  install 
additional  Zultys  units  in  countries 
where  the  company  does  business, such 
as  Japan  and  the  U.S.,and  to  carry  voice 
calls  over  the  Internet.  Zhang  figures  the 
strategy  will  save  him  50%  or  more  vs. 
the  PSTN. 

Nevada  County, Calif., a  rural  area  in  the 
northeast  part  of  the  state,  currently  has 
about  1,000  phones  on  its  VoIP  network 
spread  across  nine  sites,  with  two  more 
to  be  outfitted  by  July  l,says  Bill  Miller, 
desktop  services  manager  for  the  county 
By  connecting  to  a  state  ATM  network 
and  running  IP  voice  to  Sacramento,  he 
figures  he  can  save  more  than  60%  on 
calls  to  the  916  area  code,  or  about 
$7,200  per  year.  He  also  plans  to  tie  in 
Sierra  County  to  his  VoIP  network  via  a 
T-l,  letting  users  there  save  on  calls  to 
locations  that  the  Nevada  County  net¬ 
work  serves.'The  state  of  California  is  vir¬ 
tually  broke, so  we  get  creative, especially 
in  the  rural  areas,”  Miller  says. 

Simplified  support 

Like  other  VoIP  users,  Miller  also  real¬ 
izes  IT  savings  in  the  form  of  simplified 
support. The  Siemens  PBX  that  his  3Com 
VoIP  equipment  replaced  was  so  old  that 
“we  could  only  get  parts  at  a  virtual  junk- 


Web  cast: 


yard,”  he  says.  The  county  performed 
maintenance  in-house,  calling  in  con¬ 
tractors  as  necessary,  at  a  total  cost  of 
about  $200,000  per  year  —  $50,000  in 
hardware  and  $150,000  in  labor.  Labor 
costs  with  the  VoIP  system  are  only  about 
$50,000  per  year  and  hardware  runs 
$15,000  (with  none  in  the  first  year,  when 
the  system  was  under  warranty).  That 
comes  out  to  an  average  savings  of 
$140,000  per  year  in  the  three  years  the 
system  has  been  operational. 

Another  plus  for  Miller:  It’s  easier  to 
find  data  network  help  than  telecom  ex- 
pertise.“My  PC  guys  didn’t  want  anything 
to  do  with  the  legacy  telephone  system, 
but  now  because  the  telephone  is  an  IP 
device,  they’re  interested.  I  went  from 
one  technician  on  the  telecom  side  to 
eight  ‘telecom’  technicians.” 

The  distributed  nature  of  IP  telepho¬ 
ny  systems  also  leads  to  IT  savings,  says 
Tom  Valovic,  program  director  for  IP 
telephony  at  IDC.“In  the  case  of  an  IP 
PBX, you  can  have  a  centralized  system 
with  distributed  media  gateways,  and 
you  don’t  have  to  send  someone  phys¬ 
ically  to  each  location  to  upgrade  soft¬ 
ware  as  you  did  with  traditional  PBX 
systems.” 

As  The  Seattle  Times  case  shows,  IP 
PBXs  also  require  less  equipment  at 
each  remote  site.  And  end-user  support 
costs  are  reduced  dramatically  because 
phone  features  are  generally  more  intu¬ 
itive,  with  simple  one-button  commands 
for  features  such  as  call  hold,  forward 
and  conferencing. 

“With  legacy  systems,  people  often  said 
they  had  a  PBX  with  200  features,  but 
were  lucky  to  get  people  to  use  voice 
mail  correctly  Korostoff  says.  Now  users 
are  starting  to  employ  advanced  follow- 
me  features. 


New  Web  cast:  The  ROI  of  convergence 


Join  Network  World  President  and  Editorial 
Director  John  Gallant,  Paul  Desmond,  president 
of  PDEdits,  and  Kathryn  Korostoff,  president  of 
Sage  Research  in  an  exclusive  Web  cast,  which 
looks  at  the  promise,  problems  and  potential  pay¬ 
back  of  convergence.  See  how  all  signs  point  to  a 
converged  future,  where  integrated  backbones 
support  voice,  data  and  video,  replacing  parallel 
networks  and  ostensibly  leading  to  greater 
economies  and  powerful  new  applications. 

Watch  it  now: 
www.itworld.com/roi/ 


Improving  productivity 

Many  of  the  productivity  benefits  from 
IP  convergence  are  difficult  to  quantify. 
Savings  related  to  features  such  as  uni¬ 
fied  messaging,  which  lets  users  receive 
voice  mail  messages  in  their  e-mail  in¬ 
boxes  (and  the  reverse  in  some  cases), 
have  a  clear  ROI, Valovic  says. 

“It’s  directly  related  to  the  allocation 
of  employee  time  and  availability. 
That’s  a  pretty  straightforward  proposi¬ 
tion,”  he  says. 

The  stickier  ROI  calculations, Valovic 
says,  involve  the  collaborative  features 
of  converged  applications  that,  for 
example,  let  a  team  work  together 
more  effectively  —  perhaps  with 
online  whiteboards,  videoconferenc¬ 
ing,  instant  messaging  and  presence 
technology  that  makes  it  easier 
to  bring  a  group  together  on  short 
notice. 

Whether  such  productivity  gains  are 
even  measured  varies  widely  by  vertical 
industry,  Nemertes’  Johnson  says,  or 
whether  the  gain  can  be  calculated  as 
being  delivered  solely  by  IP  telephony 
features. 

Sales  is  an  example  where  IP  teleph¬ 
ony  features  such  as  follow-me  and 
presence  clearly  have  a  positive  effect. 
Johnson  gives  the  example  of  a  sales¬ 
person  armed  with  a  BlackBerry  device 
at  a  client  site.The  client  asks  a  question 
the  salesperson  can’t  answer.  Rather 
than  promise  to  follow  up  later,  the 
salesperson  can  “see”  an  engineer  is  at 
his  desk  who  likely  will  know  the 
answer.  He  dials  the  engineer  or  sends 
an  instant  message  asking  him  to  join  a 
conference  call.  “We  call  that  just-in- 
time  fetch  the  expert,"  Johnson  says. 
“Either  it  makes  a  sale  more  likely  to 
close,  increases  your  close  rate  or  re¬ 
duces  the  sales  cycle  so  one  salesper¬ 
son  can  close  more  deals.” 

The  Seattle  Times'  Dunkerley  agrees 
that  unified  messaging  and  other  appli¬ 
cations  have  “certainly”  improved  pro¬ 
ductivity,  but  hasn’t  crunched  the  num¬ 
bers  to  prove  it  —  although  not  for  lack 
of  trying,  noting  consultants  have  tried 
to  come  up  with  ROI  figures. “They  had 
very  complex  formulas,  with  constant 
measurements  of  how  much  time  was 
spent  doing  different  tasks,”  he  says.  “It 
was  just  too  much  for  us.  It  would’ve 
been  a  laboratory  experiment.” 

Desmond  is  president  of  PDEdit  in 
Framingham,  Mass,  (www.pdedit.com). 
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LET  QWEST  iQ  NETWORKING  TRANSFORM  YOUR  NETWORK 


Some  say,  “No  way.”  We  say,  “Bring  it  on.”  Qwest  iQ  Networking  makes  disparate  transport  technologies  act 
like  a  single,  state-of-the-art  network.  Now  your  ATM,  frame,  private-line  and  IP-based  networks  can  all  work 
together  as  one  seamless  entity.  Better  security,  more  robust  hosting  capabilities  and  more  diverse 
solutions  are  at  your  beck  and  call  with  our  converged,  intelligent  OC-192  MPLS-based  network.  Which 
means  you’ll  also  get  more  out  of  the  applications  you’ve  already  invested  so  much  time,  money  and  energy 
in.  And  you’ll  be  able  to  adapt  more  readily  and  proficiently  with  new  technologies  like  VoIP.  So  give  us  a  call 
when  you're  ready  to  advance  your  network  to  a  new  level  of  converged  harmony.  We’re  waiting  in  the  wings 
with  the  tools  to  make  it  happen. 

1  800-506-0663  or  visit  qwest.com/networksolutions 


Spirit  of  Service"4 

VOICE  S  0  L  U  T  I  0  N  S  DATA  S  0  L  0  T  :(  0  N  S  INTERNET  S  0  L  U  T  I  0  N  S  MANAGED  S  0  L 


Qwest  iQ  Networking  Qwest  IQ  Networking  is  a  suite  of  WAN  services  with  domestic  and  international  availability,  depending  on  services  selected.  Recurring  tees  vary,  depending 
on  services  ordered.  Additional  equipment  may  be  required.  Ail  trademarks  are  the  property  of  Qwest  Communications  international  Inc.  ©2004  Qwest  All  rights  reserved 
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N/WAN  SWITCHES  AND  ROUTERS 
CCESS  DEVICES  ■  SERVERS  ■  VPNS 
OPERATING  SYSTEMS  B  NETWORKED  STORAGE 
VOIP  B  WIRELESS  NETWORKS 


VoIP  requires  wide  range  of  planning 

-actors  to  weigh  in  setting  up  VoIP  environments  are  not  always  obvious. 


I  BY  TIM  GREENE 

When  network  executives  evaluate  their 
letworks  to  see  if  they  are  ready  for  VoIP 
hey  must  look  beyond  the  factors  that 
ump  to  mind  immediately  say  those  who 
lave  been  through  the  process. 

Checking  a  corporate  LAN  to  determine 
f  it  has  enough  bandwidth  and  can  sup- 
>ort  quality  of  service  (QoS),  determining 
i  source  of  power  for  phones  and  integrat- 
ng  an  IP  PBX  with  the  traditional  PBX  are 
ill  a  necessary  part  of  the  drill. 

But  evaluating  WAN  services,  the  role  of 
vireless  voice  and  ongoing  funding  for 
'oice  services  are  among  the  less  obvious 
actors  that  should  be  considered,  experi- 
>nced  users  and  experts  say 

Potential  VoIP  users  might  decide  that 
lowering  IP  phones  via  an  Ethernet  cable 
eeding  the  phone  —  Power  over  Ethernet 
—  is  the  way  to  go,  says  VoIP  consultant 
)ary  Audin,  president  of  networking  inte- 
jrator  Delphi,  who  spoke  at  the  recent 
/oice  on  the  Net  show.  But  other  equip- 
nent,  such  as  videoconferencing  gear, 
vireless  access  points  and  IP  security  cam- 
;ras,  someday  might  become  part  of  the 
:orporate  plan  and  increase  demand  for 
lowered  lines.  “Think  longer  term,”  Audin 
ays.  “You  may  need  more  [powered] 
witch  ports  than  you  think.” 

Similarly  adding  wireless  IP  voice  capa- 
lilities  can  rapidly  increase  the  demand 
or  wireless  access  points  that  previously 
landled  only  data,  Audin  says.  “More 
iccess  points  means  more  ports  on  LAN 
witches,  and  that  means  more  cabling.” 


■  Aten  Technologies  introduced  this 
week  a  keyboard  video  mouse  switch 
that  lets  as  many  as  four  users 
access  and  control  up  to  32  comput¬ 
ers  connected  to  it.  By  a  combination 
of  daisy-chaining  and  cascading,  the 
Matrix  KVM  switch  ultimately  can  link 
32  users  and  4.096  computers  for 
remote  control  and  access  to  the 
server's  keyboard,  video  and  mouse, 
i  The  Matrix  costs  $4,000. 


VoIP  reminders 

There  are  many  network  questions  to  answer  before  deciding  to  undertake 
a  VoIP  conversion.  Some  of  them  include: 

•  What  role  will  VoIP  over  wireless  play  and  what  will  be  its  demands  on  the  network? 

•  Will  video  over  IP  follow  voice  over  IP? 

•  How  much  space  will  new  gear  take? 

•  Will  air  conditioning  need  to  be  beefed  up  to  handle  heat  from  new  gear? 

•  Is  cabling  up  to  snuff  and  is  enough  run  to  meet  future  needs? 

•  How  will  faxes  and  other  analog  phone  use  be  supported? 

•  How  will  VoIP  networks  be  backed  up? 


Wireless  VoIP  phones  also  require  a  care¬ 
ful  assessment  of  available  wireless  spec¬ 
trum,  says  John  Haltom,  network  director 
for  technology  management  for  Erlanger 
Health  Systems  in  Chattanooga,  Tenn., 
which  runs  hospitals.  Wireless  telemetry  of 
patient  vital  signs  and  wireless  control  of 
medical  devices  such  as  ventilators  must 


be  studied  to  avoid  bandwidth  conflicts 
that  could  have  dire  consequences. Careful 
bandwidth  management  in  areas  where 
these  sensitive  devices  are  in  operation  is  a 
must,  he  says. 

Designing  the  layout  of  wireless  access 
points  also  requires  care  to  ensure  relia¬ 
bility  as  doctors  and  nurses  move  around, 


Haltom  says.  One  access  point  supports 
six  to  eight  simultaneous  calls,  so  if  more 
calls  are  likely  to  come  from  a  given  area, 
more  access  points  will  be  needed.  To 
determine  this  demand,  “I  go  people- 
watch,”  he  says.That  is,  he  stands  in  an  area 
to  see  how  many  people  use  the  phones 
as  part  of  a  trial  actually  make  calls  at  any 
given  time. 

QoS  is  another  important  consideration 
that  should  be  measured  on  the  wide  area 
and  the  LAN  if  voice  traffic  is  to  be  sent 
between  corporate  sites, says  Ron  Pike,  tele¬ 
com  manager  for  EDAWan  urban  planning 
firm  in  San  Francisco.  The  company  is  in 
the  process  of  installing  a  600-phone 
ShoreTel  VoIP  network. 

Sending  IP  voice  between  company 
facilities  can  save  long-distance  charges, 
particularly  on  international  lines.  He 
knew  two  years  ago  when  he  was  studying 
the  problem  that  his  provider,  Qwest, 
couldn’t  provide  it.  But  now  it  can, and  he 
recommends  evaluating  and  upgrading 

See  VoIP,  page  18 


Deepfile  enhances  file  management 


BY  DENI  CONNOR 


Deepfile  is  expected  to  announce  this 
week  the  next  product  in  its  file  manage¬ 
ment  portfolio  for  users  of  network- 
attached  storage  and  file  servers. 

Deepfile  Sentinel  joins  the  Auditor  and 
Enforcer  software  in  finding  duplication  of 
data  and  deleting 
Networ1<World  SDOH  it,  as  well  as  migrat- 

|  ing  and  archiving 
of  files  on  a  net¬ 
work.  Deepfile  Aud¬ 
itor,  Enforcer  and 
Sentinel  run  on 
industry-standard  server  appliances.  The 
packages  are  implemented  as  lU-high 
servers  that  connect  to  a  network  via  a 
10/100/1000M  bit/sec  Ethernet  port. 

The  Auditor  software  collects  file  infor¬ 
mation  from  NAS  appliances  and  Win¬ 
dows,  Linux  and  NetWare  file  servers  on  a 
network. Rules  that  have  been  set  in  the  En¬ 
forcer  software  by  a  storage  administrator 
can  cause  duplication  of  data  to  be  de¬ 
leted  or  moved  to  less-expensive  storage. 

See  Deepfile,  page  19 


Deepfile’s  Sentinel 

Sentinel  helps  users  manage  large  amounts  of  networked  files. 
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O  The  Auditor  software,  which  resides 
on  the  Deepfile  appliance,  queries  the 
file  servers  and  NAS  appliances  in  the 
network  and  collects  information  on 
the  files  stored  on  them. 


©  The  Enforcer  software,  which 
also  resides  on  the  Deepfile 
appliance,  applies  rules  to  the 
files  gathered  and  recommends 
the  deletion,  archiving  or 
migration  of  data. 


©  Sentinel,  which  also  resides  on 
the  appliance,  sends  reports 
to  users  about  the  files  they 
own  so  they  can  decide 
whether  to  delete,  migrate  or 
archive  them. 
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Dell  tries  4-way  Itanium  again 


VoIP 

continued  from  page  17 


■  BY  NETWORK  WORLD  STAFF 

Dell  is  expanding  its  64-bit  server 
line  with  a  new,  four-processor 
Itanium  2  server  aimed  at  high-per¬ 
formance  workloads  such  as  data¬ 
bases,  engineering  clusters  and 
heavy-duty  ERP  applications. 

One  and  a  half  years  after  ceas¬ 
ing  shipments  of  its  PowerEdge 
7150  —  one  of  the  first  four-way 
Itanium  systems  sold  by  a  major  vendor  —  the  com¬ 
pany  last  week  announced  the  new  four-processor 
system. 

The  FbwerEdge  7250  is  a  4U  system  designed  to 
support  up  to  32G  bytes  of  memory  It  will  be  priced 
starting  at  about  $12,500  in  a  single-processor  con¬ 
figuration  and  will  ship  with  processors  offering 
clock  speeds  between  1.3  GHz  and  1.5  GHz, 
Dell  says. 

Dell  says  it  sees  a  growing  niche  for  Itanium,  par¬ 
ticularly  for  database  users  looking  to  get  around 
the  memory  limitations  of  32-bit  systems,  which  can 
physically  support  only  4G  bytes  of  memory 

“It’s  a  matter  of  market  evolution  more  than  any¬ 
thing,”  says  Tim  Golden,  Dell’s  director  of  PowerEdge 
server  marketing.“A  couple  of  years  ago  there  was  a 
single  operating  system  that  was  supporting 
Itanium.” 

With  more  application  support  and  with  Microsoft, 
Red  Hat  and  Novell’s  SuSE  Linux  now  supporting 
the  processor,  Itanium  is  becoming  an  attractive 
alternative  for  customers  using  Reduced  Instruction 
Set  Computing  architectures  such  as  UltraSparc  and 
PowerPC,  Golden  says. 

“For  those  customers,  they  are  looking  to  migrate 


to  an  Intel,  standards-based  sys¬ 
tem  for  cost  reasons  primarily  but 
they  view  32-bit  systems  as  a  step 
backward,”  he  says. 

One  such  Itanium  customer  is 
Hillco.a  nursing-home  operator  in 
Kinston,  N.C.,  that  uses  Dell’s  dual¬ 
processor  PowerEdge  3250  to  run 
a  timekeeping  database  that  mea¬ 
sures  the  hours  worked  by  its 
9,800  employees. 

Hillco  moved  to  an  Oracle  database  running  on 
the  3250  after  consolidating  the  company’s  60  time¬ 
keeping  databases  onto  one  server  in  2002.The  com¬ 
pany  will  be  evaluating  the  four-way  7250  server 
because  the  amount  of  data  being  processed  is  now 
too  great  for  the  two-way  system  to  handle,  says 
Bobby  Jefferson,  Hillco’s  director  of  IT. 

“In  the  past  four  years,  my  databases  have  continu¬ 
ally  grown  and  grown,  and  the  amount  of  data  that 
people  want  to  analyze  and  compare  is  just  bal¬ 
looning,”  he  says. 

Because  the  Kronos  Workforce  Timekeeper  appli¬ 
cation  that  Hillco  uses  is  not  certified  to  run  in  an 
Oracle  Real  Application  Clusters  (RAC)  environ¬ 
ment,  simply  adding  a  second  3250  and  clustering 
together  the  two  systems  is  not  an  option.'T  would  be 
more  than  happy  to  build  an  Oracle  RAC  but  my  soft¬ 
ware  vendor  is  not  supporting  it  yet,”  he  says. 

Dell’s  PowerEdge  7250,  in  a  four-processor  configu¬ 
ration,  with  2G  bytes  of  memory  and  one  36G-byte 
hard  drivers  priced  starting  at  about  $22,100. 

Robert  McMillan,  a  correspondent  with  the  IDG 
News  Service’s  San  Francisco  bureau,  contributed  to 
this  report. 


The  PowerEdge  7250  fills  a  void  for 
database  users  looking  to  get 
around  memory  limitations. 


WAN  services  with  guarantees  to  ensure  the  necessary  QoS. 

He  also  set  up  queuing  on  outbound  packets  as  they  are  routed  onto 
the  WAN  so  voice  gets  priority  and  delay  of  voice  packets  within 
EDAW's  network  is  minimized. 

This  isn’t  a  concern  for  all  corporations,  however.  Phil  Brody  CTO  of 
Clark  County,  Nev.,  Public  Schools, says  he  lucked  into  a  WAN  that  was 
friendly  to  VoIPTwo  years  ago  when  he  started  considering  VoIRthe  dis¬ 
trict  had  just  installed  a  Gigabit  Ethernet  WAN  among  the  county’s 
schools,  which  now  number  450. 

But  he  did  run  into  other  concerns. The  LAN  infrastructure  dictated 
that  VoIP  be  limited  to  the  WAN  and  that  traditional  telephones  be  kept 
within  the  schools,  using  a  gateway  to  connect  to  the  IP  network. 
Keeping  IP  phones  functioning  during  power  outages  called  for  unin¬ 
terruptible  power  supplies,  an  unacceptable  cost  to  the  district. Their 
maintenance  alone  was  enough  to  kill  the  idea  because  the  school 
committee  frowns  on  substantial  continuing  costs  as  part  of  any  IT  pro¬ 
ject,  he  says. 

Audin  agrees  IP  voice  implementations  require  back-up  power  to 
keep  voice  reliability  high,  but  backup  is  needed  only  for  5  to  20  min¬ 
utes.  After  that,  if  the  electricity  stays  off,  temperatures  in  equipment 
closets  will  start  to  rise  beyond  the  point  at  which  gear  should  stay  in 
use,  he  says. 

He  also  says  network  power  should  be  overestimated  for  times  when 
a  VoIP  system  has  crashed  and  needs  to  come  back  online.  Restarting 
IP  phones  requires  that  each  phone  re-register  with  the  call  server  and 
get  an  IP  address.  All  the  phones  becoming  active  at  once  will  create  a 
temporary  drain  on  the  power  system. 

Brody  recommends  a  careful  analysis  of  voice  services  such  as 
Centrex  to  determine  if  converting  to  VoIP  can  save  money.  Evaluation 
of  the  Clark  County  schools’  infrastructure  revealed  that  it  had  9,000 
Centrex  phones,  and  use  of  Alcatel  IP  PBXs  has  reduced  that  to  1,200, 
he  says. 

For  all  the  work  that  goes  into  planning,  users  say  they  gain  opera¬ 
tional  benefits  that  can  translate  into  savings.  Pike  says  putting  in  a  VoIP 
network  saved  $40,000  over  what  traditional  phone  gear  would  have 
cost,  and  management  savings  come  to  $10,000  per  month.  Employee 
productivity  increases  amount  to  $9,500  per  month,  he  says.B 
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Just  like  many  of  you,  I  have  a  box  near 
my  desk  running  Linux.  So  far  it’s  not 
a  critical  part  of  my  network,  but  it 
does  provide  a  bit  of  convenience.  It’s  run¬ 
ning  Fedora,  with  Ximian’s  Gnome  inter¬ 
face, and  I  use  the  Evolution  email  client  to 
do  some  pre-processing  (and  spam¬ 
crunching)  of  incoming  mail. 

Last  week,  my  wife  and  I  were  discussing 
ways  to  consolidate  our  multiple  electron¬ 
ic  and  print  calendars  —  it  seems  no  one 
calendar  has  all  of  our  business  and  per¬ 
sonal  appointments,  events,  trips  and  other 
“interesting”  daterelated  material.  Because 


Open  source  on  the  desktop:  Hurry  up  and  wait 


I  also  am  running  the  Apache  Web  server 
on  the  Fedora  box,  1  went  looking  for  a 
calendaring  application  for  the  Apache 
installation. 

We’re  a  long  way  from  Linux  ever  replac¬ 
ing  Windows  on  the  desktop.  We’re  even 
further  from  open  source  software  replac¬ 
ing  commercial  products  for  the  average 
user.  How  do  I  know?  The  calendaring 
application  I  wanted  to  try  required  that 
WebDav  be  installed  alongside  my  Apache 
server.  A  quick  Google  search  revealed 
“Enabling  WebDAV  on  Apache”  (www. 
nwfusion.com,  DocFinder:  2424). 

When  I  want  to  install  a  new  Windows 
application  or  service,  the  usual  choices 
are:  put  the  CD  in  the  drive  (auto-start  will 
take  it  from  there),  download  and  run  a 
self-extracting  zip  file  (the  install  will  run 
automatically),  or  start  the  installation  by 
clicking  on  a  link  over  the  Internet.Ten  sec¬ 


onds  of  actual  work  on  my  part  with 
maybe  a  couple  of  minutes  of  whirring  and 
clicking  by  the  computer  and,  presto,  the 
service  or  app  is  running.  By  contrast,  the 
WebDav  guide  seems  filled  with  the  words 
“maybe”  and  “possibly’ and  requires  I  move 
files  around  (but  only  hints  at  what  the 
folder  to  move  them  to  might  be  called).  It 
goes  without  saying  that  some  compiling 
and  recompiling  of  applications  and  ser¬ 
vices  (even  the  Apache  Web  server )  might 
be  necessary  To  me,  it  appears  that  —  even 
if  everything  goes  well  —  I’ll  have  to  devote 
half  a  day  to  this  installation,  and  it  might 
not  be  worth  spending  that  much  time. 

This  could  be  a  way  to  prevent  your  users 
from  messing  with  a  standard  PC  setup,  but 
it’s  more  likely  that  they’ll  try  to  do  stuff  any¬ 
way  —  and  really  cause  you  some 
headaches!  “Ease  of  use”  is  much  maligned 
(especially  in  a  security  context)  but  it 


does  sell  a  lot  of  products. 

Kearns ,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired@ 
vquill.com. 
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Tip  of  the  Week 


User  management  and 
electronic  provisioning 

are  hot  topics  these  days.  If 
you’re  having  trouble  under¬ 
standing  them,  head  to  Doc- 
Finder:  2425  and  register  for 
a  free  copy  of  my  latest 
book  on  the  topic. 


Deepfile 

continued  from  page  17 

The  Sentinel  software  reports  the  results  to 
end  users  and  makes  recommendations 
on  what  should  be  done  with  the  data. 

For  instance,  when  a  100-person  company 
sends  out  an  expense  report,  100  individual 
copies  of  the  expense  spreadsheet  will 
appear  on  the  network.  Deepfile’s  Auditor 
software  will  find  all  those  extra  copies, and 
based  on  policies  set  by  Enforcer  flag  them 
for  deletion,  migration  or  archiving  on  less- 
expensive  storage.  Sentinel  takes  the  rec¬ 
ommendations  of  Enforcer  and  relays 


them  to  users  so  they  can  decide  whether 
to  delete  or  archive  the  files. 

The  Deepfile  software  monitors  and  man¬ 
ages  file  usage  for  systems  that  use  the 
Microsoft  Common  Information  File  Sys¬ 
tem,  Unix/Linux  Network  File  System, 
Novell  file  system  and  Andrew  File  System. 

The  company  which  Network  World 
named  one  of  10  Start-ups  to  Watch  in  2004 
(see  www.nwfusion.com,  DocFinder:  2426), 
was  founded  in  May  2001.  It  launched 
Deepfile  Auditor  and  Enforcer  last  year. 

The  Sentinel  software  consists  of  four 
components:  File  Advisor,  E-mail  Notifi¬ 
cation  Manager,  User  Configuration  Man¬ 


ager  and  Dashboard  Report.  File  Advisor 
shows  the  files  a  user  or  group  of  users 
owns  so  they  can  manage  their  storage. 
E-mail  Notification  Manager  lets  users 
know  when  new  file  reports  are  available. 
User  Configuration  Manager  uploads  user 
e-mail  addresses  to  Sentinel  so  it  knows 
which  users  to  notify  Dashboard  Report 
shows  users  their  file  characteristics  by 
type,  age  and  duplicate  files. 

The  Deepfile  appliances  and  software  dif¬ 
fer  from  other  storage  resource  manage¬ 
ment  products  on  the  market:  Arkivio’s 
Auto-Xplor,  Auto-View  and  Auto-Stor  do  not 
let  users  know  which  files  need  attention. 


“Most  competitive  products  do  not  have 
the  ability  to  reach  down  to  the  knowledge 
worker’s  client, "says  Jamie  Gruener,a  senior 
analyst  for  The  Yankee  Group.  “Users  ulti¬ 
mately  know  more  about  what  files  need  to 
be  kept.  It’s  a  lot  to  ask  of  IT  personnel  to 
make  that  call,  especially  if  we  are  talking 
about  financial  records.” 

The  Auditor  and  Enforcer  are  installed 
on  an  appliance  that  costs  $15,000.  On  top 
of  that  customers  are  charged  $2,500  for 
each  terabyte  managed.. Sentinel  is  priced 
starting  at  $20  per  user  and  is  expected  to 
be  available  in  the  third  quarter  of  this 
year.  ■ 


www.iss.net 


When  business  losses  are  measured  in  seconds , 
preemption  beats  “ reaction  ”  every  time. 


tSS  PREEMPTS  THE  THREAT.  OTHERS  REACT  TO  IT. 


The  only  effective  security  is  preemption.  This  preemptive  power  is  only  available  with  the  Proventia™  Security  Platform  from  Internet 
Security  Systems.  When  software  security  flaws  are  discovered,  Internet  Security  Systems’  world-renowned  research  team  updates  Proventia 
to  immediately  shield  against  any  attacks  targeting  weak  spots.  Regardless  of  the  size  of  your  business,  this  new  standard  in  Internet 
security  can  help  keep  you  off  the  path  to  disaster  and  reduce  your  total  cost  of  ownership  -  In  fact,  when  we  manage  Proventia  for  you, 
we'll  even  guarantee  protection.  Need  proof?  Get  your  free  whitepaper,  Preemptive  Protection:  Setting  a  New  Standard  in  Security,  at 
www.iss.net/proof/whitepaper  or  call  800-77G-23G2. 


Q  Internet  Security  Systems” 

Ahead  of  the  threat. 
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Manage  all  your  remote-user  stress  away — with  simplicity,  security,  and  savings.  Now,  no  matter  what  type  of 
remote  user  you're  supporting,  you  have  an  easy  answer.  GoRemote.  Named  "a  visionary  market  leader"  in  Gartner's 
latest  Magic  Quadrant,  GoRemote  streamlines  mobile,  teleworker,  and  branch-office  connectivity  for  over  1,700 
enterprise  customers  worldwide.  Our  GoRemote  Global  Network™  is  the  world's  largest  and  eliminates  the  security 
concerns,  expense  issues,  and  hassle  factors  plaguing  today's  accessible-from-anywhere  enterprises.  Don't  take  our 
word  for  it.  See  what  Gartner  says.  Download  the  report  "U.S.  Managed  Remote-Access  1H04:  Leaders,  Visionaries" 
today — and  start  putting  yourself  back  in  control  once  and  for  all.  Visit  http://www.GoRemote.com/nw  or  call  866.308.8182 
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For  the  everywhere  enterprise. 


GoRemote  was  formerly  GRIC  Communications,  Inc. 

©  2004  GoRemote  Internet  Communications,  Inc.  All  rights  reserved.  GoRemote.  the  GoRemote  logo,  "For  the  everywhere  enterprise,"  and  GoRemote  Global  Network  are  trademarks  of  GoRemote 
Internet  Communications,  Inc.  All  others  are  properties  of  their  holders. 
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Adobe  goes  to  the  office 

Releases  server,  components  to  manage  corporate  information. 


■  BY  JOHN  FONTANA 

Adobe,  with  its  eye  on  addressing  corpo¬ 
rate  needs  to  manage  electronic  informa¬ 
tion,  last  week  rolled  out  a  Java-based  serv¬ 
er  and  a  set  of  services  designed  to  help 
corporations  create  and  share  documents 
and  integrate  them  into  back-end  systems. 

The  LiveCycle  server  is  the  new  founda¬ 
tion  for  Adobes  Intelligent  Document  Plat¬ 
form,  which  combines  Adobes  PDF  format 


Takes 


■  RSA  Security  last  week  an¬ 
nounced  RSA  Sign-On  Manager,  a 

rebranded  version  of  its  SecurlD 
Passage  product  the  company  says 
will  make  it  easier  for  companies  to 
manage  user  passwords.  The  product 
will  be  able  to  manage  user  logons 
for  about  90  different  enterprise 
applications  using  single  sign-on 
technology  licensed  from  Passlogix. 
A  new  RSA  technology  called 
IntelliAccess  will  let  users  recover 
forgotten  usernames  and  passwords, 
minimizing  help  desk  calls,  RSA  said. 
Sign-on  Manager  will  work  with  any 
x.509-standard  digital  certificate 
authority  and  a  range  of  RSA’s  two- 
factor  authentication  technologies. 

A  Sign-On  Manager  server  stores 
user  credentials  and  authentication 
policies  for  the  managed  applica¬ 
tions,  periodically  updating  the  Sign- 
On  Manager  clients.  The  server  runs 
on  Windows  2003  machines.  Manager 
is  now  in  beta  and  is  scheduled  for 
September  release.  It  will  cost  $89. 

■  Mazu  Networks  announced  the 
fourth  version  of  Mazu  Profiler,  its 
product  for  profiling  network  activity 
and  analyzing  deviations  from  typical 
behavior.  Mazu  Profiler  4.0,  which 
starts  at  $150,000,  is  being  made  as  a 
blade  product  to  run  on  the  IBM 
Blade  Center.  It  also  runs  on  the 
IBM  X-Series  Servers.  Profiler  4.0 
can  analyze  traffic  patterns  for  up  to 
200,000  users,  double  its  previous 
capability. 


with  XML  and  the  company’s  Reader  front- 
end  client.  Intelligent  Documents  can 
“unlock”  features  of  Reader  such  as  local 
save,  offline  use,  annotations  and  attach¬ 
ment  support.They  also  provide  the  ability 
to  automatically  submit  a  documents  data 
to  back-end  systems,  such  as  ERP  or  CRM, 
to  eliminate  re-keying  of  information. 

The  LiveCycle  server,  which  is  built  on 
Java  2  Platform  Enterprise  Edition,  will  be 
complemented  with  a  number  of  modules 
that  plug  into  the  platform,  including 
Process  Management  for  workflow  and 
data  integration,  and  Document  Control 
and  Security  for  access  control,  audit  trails 
and  authentication  using  digital  signatures. 

Adobe  is  battling  in  the  electronics 
forms/document  life-cycle  market  with  sev¬ 
eral  vendors  including  FileNet  and  Micro¬ 
soft,  which  is  combining  Office,  InfoPath 
and  digital  rights  management  technology 
into  a  secure  enterprise  document  plat¬ 
form.  Analysts  say  Adobe  has  to  convince 
corporations  that  it  can  produce  an  enter- 
prise-scale  platform. To  do  that,  the  compa¬ 
ny  is  integrating  a  number  of  its  point  prod¬ 
ucts,  such  as  Form,  Document  and  Policy 
servers  into  the  LiveCycle  server.  But  there 
also  is  more  work  to  do. 

“They  now  have  lightweight  workflow,  but 
for  sophisticated  document  management 
they  will  need  to  support  [business 
process  management]  ”  says  Robert  Mark¬ 
ham,  senior  industry  analyst  for  Forrester 
Research.  Markham  says  building  Live- 
Cycle  on  Java  and  moving  Reader  func¬ 
tionality  to  the  server  and  away  from  the 
client  is  a  good  move.  He  contrasts  that  to 
Microsoft,  which  is  tagging  its  features  to 
the  Windows  desktop  and  will  have  to  rely 
on  third-party  partners  to  provide  integra¬ 
tion  among  organizations  with  disparate 
technology 

Adobe’s  platform  includes  three  compo¬ 
nents:  the  Reader  client,  LiveCycle  and 
Adobe  Document  Services.  Last  week,  the 
company  unveiled  two  new  modules  to 
go  along  with  the  existing  Document 
Generation  and  Collaboration  modules. 

The  new  Process  Management  module 
lets  companies  capture  data  and  integrate 
it  with  other  systems.  It  includes  Adobe 
Form  Manager,  which  is  expected  to  ship 
this  fall,  for  publishing  and  managing 
forms;  Form  Server  for  deploying  dynamic 
forms;  and  Adobe  Barcoded  Paper  Forms 
for  scanning  in  data  from  two-dimensional 
bar  codes  printed  on  paper.  Also  included 
See  Adobe,  page  22 


Lessons  from  leading  users 


Grape  grower  juices  up 
its  planning  systems 


■  BY  ANN  BEDNARZ 

Welch’s  is  in  the  final  stages  of  a 
30-month  project  to  overhaul  a 
number  of  its  key  operational 
systems.  When  it’s  done,  the  Concord, 
Mass.,  food  manufacturer  will  have  inte¬ 
grated  two  functions  that  traditionally 
are  handled  by  separate  applications: 
promotions  management  and  demand 
planning. 

The  goal  is  to  create  a  single  source  for 
marketing,  sales,  financial  and  produc¬ 
tion  data, said  George  Jackman, director 
of  customer  marketing  at  Welch’s.  Jack- 
man  spoke  recently  at  a  retail  technol¬ 
ogy  event  and  detailed  his  company’s 
efforts  to  tie  promotional  activities  more 
closely  to  supply-chain  planning. 

Trade  promotions  are  events  planned 
by  a  consumer  goods  company  and  its 
retailer  customers.  For  example, Welch  s 
might  negotiate  to  have  its  grape  juice 
advertised  in  a  retailers  printed  materi¬ 
als  or  displayed  at  the  end  of  a  grocer’s 
aisle. 

These  events  consume  a  lot  of 
money:  Spending  on  trade  promotions 
is  the  second-largest  item  on  Welch’s 
profit-and-loss  statement,  second  only 


to  cost-of-goods  sold,  Jackman  said. 
However,  managing  such  promotions  is 
by  no  means  an  exact  science. 

The  consumer  packaged  goods  in¬ 
dustry  spends  $25  billion  annually  on 
trade  promotion,  yet  it’s  often  the  least 
well  controlled  and  managed  major 
budget  item,  Jackman  said.  He  cited  in¬ 
dustry  statistics  that  suggest  more  than 
80%  of  promotions  generate  disap¬ 
pointing,  unprofitable  or  disastrous  per¬ 
formance. 

A  ripple  effect  of  poor  promotions 
planning  can  produce  too  few  or  too 
many  products.  Produce  too  few  and 
Welch’s  winds  up  having  to  make  cost¬ 
ly  last-minute  adjustments  to  produc¬ 
tion  schedules  to  meet  demand.  Pro¬ 
ducing  too  many  means  carrying  ex¬ 
cess  inventory  and  increasing  the  like¬ 
lihood  of  having  to  destroy  products 
that  get  too  old  to  sell. 

Welch’s  doesn’t  have  room  to  waste 
any  resources  if  it’s  going  to  stay  com¬ 
petitive,  Jackman  said.  Already  it's  an 
underdog  of  sorts.  Welch’s  is  an  agricul¬ 
tural  cooperative  owned  by  1,400  grape 
farmers.  The  $750  million  company  is 
dwarfed  by  competitors,  such  as  Nestle, 
See  Welch's,  page  22 


Promoting  accuracy 

Welch’s  implemented  a  demand-planning  system  that  coordinates 
information  from  sales  and  marketing  applications  to  create  a  single 
companywide  forecast. 


Sales 


Salespeople  can  view  trade  and  promotions  spending  through  a  corporate  portal. 


Marketing 

m- 

Corporate 


Cognos  business  intelligence  software 
combines  real-time  and  historic  trade 
spending  to  help  Welch’s  marketing 
team  manage  advertising  and 
consumer  promotions. 


Corporate  forecasts  combine  planning  data 
with  transactional  data  from  order  fulfillment 
and  finance  systems  to  improve  accuracy. 
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Author  Casey  Corr  called  his  2000  book 
about  Craig  McCaw  Money  from  Thin 
Air  in  reference  to  McCaw  building  up 
a  cell  phone  network  that  AT&T  bought  for 
$1 1.5  billion  in  1994.  McCaw  is  again  trying 
to  make  money  from  thin  air  and,  like  the 
first  time,  is  trying  to  do  so  in  an  area  where 
major  players  have  stumbled. 

Starting  in  the  early  1980s,  McCaw  Com¬ 
munication  became  the  largest  cell  phone 
company  by  buying  up  wireless  licenses 
and  companies  wherever  it  could.  McCaw 
succeeded  in  spite  of  the  fact  that  many 
observers  thought  cell  phones  would 
never  be  a  major  part  of  the  communica¬ 
tions  picture  because  of  poor  service. 
These  observers  misunderstood  that  the 


Investing  in  thin  air,  again 


advantages  of  portable  communications 
outweighed  the  disadvantages  of  poor- 
quality  voice  and  spotty  coverage,  in  the 
minds  of  most  consumers. 

McCaw  has  not  been  as  successful  with 
the  major  projects  he  has  been  involved 
with  since  selling  out  to  AT&T.  Teledesic,an 
ambitious  plan  to  use  hundreds  of  low- 
orbiting  satellites  to  provide  Internet, 
access,  seems  all  but  dead,  and  Internet 
and  voice  service  provider  XO  Communi¬ 
cations  recently  went  through  bankruptcy. 

The  wraps  came  off  McCaw’s  latest  ven¬ 
ture  earlier  this  month.  He  has  put  together 
a  bunch  of  wireless  licenses  and  compa¬ 
nies  to  form  Clearwire.The  company  offers 
wireless,  last-mile  Internet  connectivity  and 
phone  service.  Initially  Clearwire  will  focus 
on  Tier-2  markets  where  the  local  phone 
companies  and  cable  companies  have  not 
gotten  around  to  offering  broadband  Inter¬ 
net  connectivity.  It  currently  offers  service 
in  St.  Cloud,  Minn.,  and  Jacksonville,  Fla., 
but  has  plans  for  a  much  wider  rollout  over 


the  next  year. 

Clearwire  seems  to  be  using  a  pre-stan¬ 
dard  version  of  WiMax,  the  marketing 
name  for  the  IEEE  802.16a  wireless  metro¬ 
politan-area  network  standard.  WiMax  is 
new,  but  there  have  been  a  number  of  wire¬ 
less  last-mile  technologies  in  the  past,  in¬ 
cluding  Multichannel  Multipoint  Distribu¬ 
tion  Service  (MMDS)  and  Local  Multipoint 
Distribution  System  (LMDS).  A  number  of 
phone  carriers  dumped  quite  a  bit  of 
money  on  unsuccessful  MMDS  or  LMDS  tri¬ 
als  a  few  years  ago.  The  trials  were  unsuc¬ 
cessful  for  a  number  of  reasons,  including 
technology  glitches,  pricing  issues  and  a 
mismatch  between  the  service  offerings 
and  customer  wants. 

It  is  an  open  question  whether  Clearwire 
can  succeed  in  the  wireless  last-mile  busi¬ 
ness,  where  others  have  failed  so  conclu¬ 
sively.  McCaw  has  a  leg  up  on  the  previous 
wireless  last-mile  trials  because  he  has 
some  experience  in  an  ISP  where  the  pre¬ 
vious  trials  were  run  by  phone  companies 
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that  had  little  clue  in  the  Internet  area.  But 
I  expect  that  much  will  depend  on  what 
the  company  decides  to  charge  for  its  ser¬ 
vices  and  how  much  it  stays  out  of  the 
way. The  prices  I’ve  seen  in  the  press  cov¬ 
erage  range  from  $40  to  $80  per  month  for 
basic  Internet  service.  I  predict  the  com¬ 
pany  is  toast  if  it  hits  the  high  end  of  that 
range,  because  there  are  too  few  people 
willing  to  pay  that  much.  1  also  would 
expect  the  company  to  fail  if  it  does  any¬ 
thing  to  force  customers  to  use  Clearwire’s 
phone  service  instead  of  leaving  things 
open.  McCaw  has  a  better  chance  than 
about  anyone  I  can  think  of,  but  he  could 
still  blow  it. 

Disclaimer:  Harvard’s  primary  investment 
is  in  students  and  payback  opportunities 
go  on  forever.  But  the  university  did  not 
comment  on  wireless  last-mile  services. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sob.com. 


■ 

■  Lessons  from  leading  users 

Welch’s 

continued  from  page  21 

Kraft,  Procter  &  Gamble  and  PepsiCo’s  Trop- 
icana.  “We  need  to  do  what  we  do  faster, 
cheaper  and  smarter”  to  compete  with  these 
players,  Jackman  said. 

So  the  company  set  out  to  improve  its 
planning  and  production  processes. Welch’s 
devoted  a  lot  of  time  to  the  early  stages  of  its 
project  —  which  included  mapping  then  re 
designing  the  company’s  processes  and 
selecting  new  software.Those  initial 
steps  took  one  year,  Jackman  said. 

Finding  the  right  software  wasn’t 
easy  Jackman  evaluated  products 
from  a  dozen  providers  including 
large  vendors  SAPSiebel  Systems 
and  Oracle,  and  specialists  Data 
Alchemy,  Gelco  and  Proscape 
Technologies. 

In  2003,  Welch’s  chose  Demantra,  a  ven¬ 
dor  with  expertise  in  demand  planning 
and  analytics,  and  growing  experience  in 
trade  promotion  management,  Jackman 
said.  Demantra’s  software  also  had  the  req¬ 
uisite  flexibility  to  accommodate  Welch’s 
processes  without  requiring  custom  cod¬ 
ing,  he  said. 

The  next  steps  —  configuring  the  software, 
integrating  it  with  Welch’s  current  systems, 
training  users  and  testing  the  system  —  has 
taken  another  18  months.  Mapping  Welch’s 
retooled  processes  to  the  Demantra  soft¬ 
ware  is  complex,  Jackman  said. 

At  each  step  in  a  process,  Welch’s  had  to 
consider  the  role  of  people  involved,  the 
information  that  needed  to  be  captured  and 
the  decisions  that  would  follow.  Jackman 
and  his  team  reviewed  each  assumption  to 


make  sure  that  information  flows  and  algo¬ 
rithms  captured  the  right  data  and  sent  it  to 
the  appropriate  places. 

Today  Welch’s  is  in  the  final  stages  of  the 
project,  preparing  to  go  live  with  the 
Demantra  software  this  summer.  Its  imple¬ 
mentation  breaks  down  into  three  main 
parts: 

•  A  customer  planning  module,  which 
automates  tasks  associated  with  designing, 
funding,  managing  and  analyzing  promo¬ 
tions. 

•  A  deductions  management  module, 
which  tracks  and  resolves  “deductions,”  or 
invoice  discrepancies,  and  sends  the  data  to 


volume  planning  systems. 

•  A  reporting  module,  which  generates 
analytic  reports  related  to  forecasts,  sales, 
trade  fund  availability  and  daily  sales. 

Welch’s  new  system  will  put  an  end  to  a 
number  of  manual  processes.  “Before  pro¬ 
motions  were  planned,  managed  and 
tracked  using  a  slew  of  relatively  manual 
processes,”  Jackman  said.  Employees  used 
lots  of  paper, e-mail, phone  calls  and  spread¬ 
sheets  to  set  up  and  track  promotions. 

Not  only  were  these  processes  time-con¬ 
suming,  they  were  also  error-prone,  which 
contributed  to  mismatched  product  pro¬ 
duction.  The  old  way  of  demand  forecast¬ 
ing  required  corporate  users  to  piece 
together  lots  of  data  —  from  disparate  sys¬ 
tems  such  as  internal  software  that  kept 
tabs  on  product  shipments,  consumption 


and  manufacturing  capacity,  along  with 
external  data  sources  such  as  financial 
data  from  ACNielsen  —  to  get  a  picture  of 
product  demand. 

“Forecast  accuracy  was  actually  getting 
worse,  not  better”  before  the  Demantra  roll¬ 
out,  Jackman  said. 

With  the  Demantra  software,  all  the  data 
will  be  available  in  one  system,  including 
financial  information,  supply-chain  metrics, 
marketing  strategy  information  and  collabo¬ 
rative  planning.  It  rolls  five  areas  into  one  — 
customer  planning,  trade  fund  manage¬ 
ment,  marketing  planning,  analytics  and 
demand  planning,  Jackman  said. 

Welch’s  salespeople  will  benefit 
from  greater  automation  of  the  com¬ 
pany’s  customer  planning  and  trade 
funds  management  processes,  while 
marketing  personnel  will  be  able  to 
more  accurately  measure  the  ef¬ 
fectiveness  of  the  company’s  promo¬ 
tional  investments,  according  to 
Jackman. 

However  the  single  biggest  benefit  will  be 
from  the  supply-chain  perspective,  Jackman 
said. The  system  will  provide  more  detailed 
demand  information  —  and  more  quickly 
For  example,  every  time  a  promotional 
event  changes,  the  system  will  update  vol¬ 
ume  forecasts,  Jackman  said. 

The  system  is  not  yet  fully  integrated  with 
Welch’s  newly  installed  Oracle  ERP  system. 
That  will  happen  next  summer.  When  it’s  all 
in  place,  Jackman  expects  big  gains  from 
the  technology 

He  didn’t  disclose  specific  dollar  amounts, 
but  said  Welch’s  expects  to  reduce  its  inven¬ 
tory  by  15%;  trim  its  trade  promotion  budget 
by  1%;  slash  the  amount  of  inbound  raw 
materials  that  get  expedited  to  meet  rush 
orders  by  30%;  and  reduce  the  destruction 
of  outdated  material  by  30%.  ■ 


II  We  need  to  do  what  we  do  faster, 
cheaper  and  smarter.  99 

George  Jackman 

Director  of  customer  marketing,  Welch’s 


Adobe 
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is  Reader  Extensions  Server  for 
unlocking  features  of  intelligent 
documents  and  Adobe  Designer 
for  turning  existing  forms  into 
PDF  and  XML  forms. 

Pricing  for  the  Process  Man¬ 
agement  components  start  at 
$35,000  per  CPU. Also  new  is  the 
Document  Control  and  Security 
Server,  which  lets  security  poli¬ 
cies  be  applied  at  the  server  and 
desktop.  The  components 
include  Adobe  Document 
Security  Server  for  server-side 
encryption,  Adobe  Acrobat  soft¬ 
ware  and  Adobe  Policy  Server  for 
applying  policies  online  or 
offline  and  inside  or  outside  the 
firewall.  The  Policy  Server  is  slat¬ 
ed  to  ship  later  this  year. 

Pricing  for  the  Adobe  Docu¬ 
ment  Security  Server  starts  at 
$50,000  per  CPU.  Pricing  for  the 
Policy  Server  will  be  announced 
when  it  ships.LiveCycle  server  is 
optimized  to  run  on  IBM  Web¬ 
Sphere  Application  Server  and 
IBM  A1X  server  software.  It  also 
runs  on  JBoss  application  servers 
with  a  version  for  BEA  Systems’ 
WebLogic  expected  to  ship  next 
month.  LiveCycle  also  runs  on 
Microsoft  Windows  Server,  Linux, 
and  Sun  Solaris.  Adobe  plans  to 
add  support  for  Novell’s  SuSE 
Linux  platform  and  HP-UX.  ■ 
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Interest  in  ASPs,  Web  hosting  picking  up 


Outside  the  box 


A  survey  of  164  businesses 
found  about  20%  using  some 
combination  of  in-house  and 
outside  hosting  services. 
Here’s  what  accounted  for 
the  hosting  component. 
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15% 


A  survey  of  90  IT 
professionals  found 
41%  see  demand  for 
application  hosting 
and  management 
becoming  mainstream. 
Here’s  what  they  see 
as  remaining  hurdles. 

Note:  Each  respondent  was  asked  to  rank  order 
their  top  five  choices.  Percentages  reflect  the 
allocation  of  points  assigned  on  a  weighted 
basis  with  top  choices  getting  more  points  than 
lower  priority  selections.  For  that  reason,  the 
total  does  not  equal  100%. 


Nortel  doubles  Shasta 
performance,  density 


■  BY  JENNIFER  MEARS 

Enterprise  customers  in  growing  num¬ 
bers  are  taking  a  look  at  application  ser¬ 
vice  providers  and  Web  hosting  compa¬ 
nies  as  they  seek  ways  to  make  their  IT 
operations  more  efficient  by  using  on- 
demand  services. 

Analysts  say  the  ASP  and  Web  hosting 
markets  are  seeing  a  rebirth  as  bigger  out¬ 
sourcers  such  as  HP  and  IBM  focus  on  util¬ 
ity  computing,  where  customers  get  IT  ser¬ 
vices  on  a  pay-as-you-go,  as-needed  basis. 
The  maturing  and  consolidation  of  the 
markets  to  a  few,  stable  providers  also  is 
helping  turn  the  tide  for  what  were  consid¬ 
ered  risky  options  just  a  few  years  ago. 


■  Verizon  Online  has  lowered  the 
price  of  its  business  DSL  service. 


Verizon's  1.5M/384K  bit/sec  packages 
now  start  at  $59.95  per  month  for 
DSL  with  a  dynamic  IP  address  and 
$89.95  per  month  for  a  static  IP 
address,  a  savings  of  $30  to  $40  per 
month,  respectively.  A  static  IP 
address  gives  businesses  a  perma¬ 
nent  IP  address,  letting  them  host  a 
Web  site  and  an  e-mail  server,  and 
provide  VPN  applications  for  remote 
employees.  Business  DSL  packages 
include  domain  name  e-mail  boxes 
and  unlimited  remote  dial-up  access 
at  no  additional  charge. 

■  MCI  has  expanded  the  reach  of  its 
DSL  network  through  a  deal  with 
New  Edge  Networks.  MCI  inked  its 
first  deal  with  New  Edge  in  October. 
Through  its  new  arrangement,  which 
MCI  announced  last  week,  the  carrier 
will  offer  DSL  services  in  300  metro¬ 
politan  areas.  Through  its  own  local 
network  and  deals  with  New  Edge 
and  Covad  Communications,  MCI  was 
offering  DSL  in  55  metropolitan  areas. 
MCI  is  tripling  the  size  of  its  DSL 
reach  by  using  New  Edge’s  network, 
which  reaches  rural  areas  often 
underserved  by  other  carriers.  MCI 
says  its  new  footprint  will  reach  75% 
of  U.S.  cities. 


“ASPs,  managed  service  providers  and 
Web  hosting  providers  have  served  as  a 
stepping  stone  to  overall  utility  comput¬ 
ing,”  says  Jeff  Kaplan,  managing  director  at 
ThinkStrategies,  an  IT  consulting  firm.  “At 
the  Utility  Computing  World  Conference  I 
heard  CIOs  from  major  companies  talking 
about  Web  hosting  and  ASP  models  like 
Salesforce.com,  which  they  equated  to  util¬ 
ity  computing.  It’s  fascinating  to  hear  them 
use  these  terms  interchangeably  They  see 
them  all  as  being  interrelated.” 

Despite  lingering  challenges,  the  ASP 
market  is  expected  to  more  than  double 
from  $1.6  billion  last  year  to  $3.5  billion  in 
2008,  according  to  IDC.  The  Web  hosting 
market  also  is  predicted  to  see  strong 
growth,  expanding  from  $5.5  billion  in 
2003  to  $10.4  billion  in  2008. 

The  research  firm  expects  the  biggest 
growth  to  happen  for  service  providers  that 
deliver  Web-native  and  Web  services  appli¬ 
cations,  such  as  Salesforce.com  and 
Salesnet,  with  revenues  skyrocketing  from 
$666  million  in  2003  to  $3.7  billion  in  2008, 

“Interest  in  Web  hosting  and  ASPs  has 
been  ramping  up  over  the  past  eight  to  12 
months,”  says  Ted  Chamberlin,  a  principal 
analyst  at  Gartner.  “A  lot  of  clients  had  cut 
back  for  a  long  time,  pared  down  their 
staff  and  been  very  conservative.  Now 
they  have  to  drive  revenue  and  make  their 
businesses  run  and  move  forward.  Web 
and  application  hosters  are  just  a  really 
good  logical  choice,  and  now  they’re  a 
much  safer  alternative.” 

Getting  in  deeper 

For  example,  diversified  industrial  firm 
Ingersoll-Rand,  of  Woodcliff  Lake,  N.J.,  be¬ 
came  a  customer  of  Corio  in  2001  and  has 
recently  expanded  its  use  of  the  ASP’s  out¬ 
sourcing  services. 

“We  started  off  small  with  a  couple  of 
applications  to  test  the  water/  says  CIO 
Barry  Libenson.“We  had  successful  results 
and  got  a  lot  of  benefits  with  things  that  we 
didn’t  do  well  ourselves  like  really  reliable 
disaster  recovery,  24-7  monitoring.  And  we 
have  access  to  a  team  of  developers  that 
are  skilled  at  applying  Oracle  patches.” 

Happy  with  the  initial  partnership,  Liben- 
son  began  moving  more  Oracle  applica¬ 
tions  to  Corio  and  today  has  only  “10%  of 
the  equipment  on-site  that  I  had  three 
years  ago.”  That  means  fewer  headaches 
and  the  ability  to  dedicate  IT  staff  to  other, 
more  business-focused  tasks,  he  says. 

He  estimates  he’s  saving  between  20% 
See  Hosting,  page  24 


■  BY  JIM  DUFFY 

Nortel  last  week  unveiled  an  upgrade  to 
its  Shasta  Broadband  Services  Node  5000 
edge  router  that  more  than  doubles  the 
performance  and  density  of  the  6-year-old 
incumbent,  the  company  says. 

The  Services  Edge  Router  5500  supports 
twice  as  many  IP  VPNs  —  4,096  —  as  the 
5000,  Nortel  says,  and  more  than  twice  as 
many  subscribers:  72,000  vs.  32,000. 

Sawis  Communications  has  80  5000s 
installed  and  plans  on  deploying  26  5500s 
in  its  larger  sites  to  augment  that. 

“As  we’ve  grown  over  the  past  five  years, 
we’re  pushing  the  scale  on  the  stuff  that  we 
bought,”  says  Robert  McCormick,  Sawis 
chairman  and  CEO.  “We  can  upgrade  the 
capacity  where  we  need  it  without  doing  a 
big  forklift  upgrade.” 

Sawis  is  one  of  the  leading  providers  of 


global  VPs  services,  which  are  provisioned 
entirely  over  the  BSN  5000  network, 
McCormick  says.  The  company  just 
acquired  Cable  &  Wireless’  U.S.  operations, 
and  the  5500  will  play  a  key  role  in  bridg¬ 
ing  the  Sawis  and  former  C&W  network. 

“They  have  a  big  MPLS  core  and  we  run 
an  ATM  core,  and  one  of  the  things  we’re 
doing  is  dual-homing  them,”  McCormick 
says.  “With  a  single  edge  switch  you  can 
route  customer  traffic  over  ATM  or  [Multi¬ 
protocol  Label  Switching]  as  the  core, 
depending  on  what  the  customer  wants." 

The  5500’s  quarter-rack  chassis  has  14 
slots  for  control  and  management,  switch 
fabric,  subscriber  service  cards  and  inter¬ 
face  modules.  Its  switching  capacity  can 
be  either  622M  or  1.2G  bit/sec  full  duplex. 

ATM  interface  modules  for  the  device  are 
four-port  OC-3,  two-port  OC-12  and  three- 
See  Nortel,  page  24 
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EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


If  you  thought  the  communications  rev¬ 
olution  happened  in  the  last  century, 
think  again.  A  seismic  shift  is  under 
way  that’s  likely  to  reshape  the  world  of 
business. 

That  shift  is  called  externalization, 
which  virtually  every  company  today  is 
involved  in. 

Externalization  basically  refers  to  sharing 
resources  (business  and  technical)  with 
partners,  suppliers,  channels  and  custom¬ 
ers.  Specifically  by  streamlining  business- 
to-business  processes  and  reducing  the  ef¬ 
fective  latency  of  business-to-business  com¬ 
munications,  externalization  dramatically 
is  changing  business  dynamics  in  ways  that 
are  only  beginning  to  become  apparent. 
Some  history:  Back  in  the  ’90s,  organiza¬ 


Externalization:  Changing  the  shape  of  business 


tions  that  wanted  to  share  data  with  busi¬ 
ness  partners,  suppliers  and  customers 
needed  a  custom-built  network  (leased 
lines,  frame  relay  or  ATM)  augmented  with 
special-purpose  applications  such  as  elec¬ 
tronic  data  interchange  software.  Such  net¬ 
works  provided  security,  reliability  and 
transactional  integrity  —  meaning  that  sys- 
tem-to-system  transactions  were  possible 
across  the  network. 

This  meant  that  business-to-business  sup¬ 
ply  chains  were  limited  to  companies  that 
could  justify  the  expense  of  owning  and 
operating  such  networks  —  a  fairly  elite 
bunch  of  players,  including  big  banks  and 
massive  manufacturers  such  as  General 
Motors.  The  rest  of  us  made  do  with  faxes 
and  FedEx. 

IP  —  and  specifically  the  Internet  — 
changed  all  that.  For  the  first  time,  even  the 
smallest  organizations  were  connected  to 
the  network.  The  problem  was  (and  to  a 
certain  extent,  continues  to  be)  that  relia¬ 
bility  security  and  performance  of  the  con¬ 
nection  can  be  questionable.  That’s  chang¬ 


ing.  Technologies  such  as  Multi-protocol 
Label  Switching  provide  network-layer 
quality  of  service,  while  Secure  Socket 
Layer  and  IPSec-based  VPNs  ensure  priva¬ 
cy  Finally  emerging  technologies  such  as 
XML  and  SOAP  can  begin  to  provide 
integrity  at  the  transaction  level. 

The  upshot  is  that  someday  in  the  not- 
too-distant  future,  we  can  expect  a  network 
that’s  as  secure  and  reliable  as  the  private 
networks  of  yore  —  but  as  ubiquitous  as 
the  Internet. 

When  such  a  network  arrives,  the  impli¬ 
cations  will  be  profound  and  far-reaching. 
Specifically,  it  will  increase  the  speed  at 
which  business  can  be  conducted,  lower 
the  effective  cost  and  diminish  the  impor¬ 
tance  of  geography 

This  doesn’t  sound  too  exciting,  but  con¬ 
sider  that  business  size  is  important  today 
primarily  because  it  signifies  capital  accu¬ 
mulation.  Capital  provides  a  major  com¬ 
petitive  differentiator  because  very  often 
the  easiest  way  to  get  something  done 
quickly  is  to  throw  money  at  it.  Quite  sim¬ 


ply  the  reason  your  corner  hardware  store 
can’t  compete  with  say  Boeing  is  primarily 
because  it  doesn’t  have  the  capital  to  sup¬ 
port  an  in-house  research  and  develop¬ 
ment  staff,  build  manufacturing  plants, and 
the  like. 

But  what  if  your  corner  hardware  shop 
could  line  up  a  contract  with  an  indepen¬ 
dent  engineering  group  online,  arrange  for 
financing  and  purchase  time  in  a  manu¬ 
facturing  facility  —  all  within  minutes  of  an 
airline  RFP  hitting  the  street?  In  theory, your 
local  hardware  shop  could  now  compete 
with  Boeing  —  and  win.  In  other  words,  ef¬ 
fective  externalization  minimizes  the  bene¬ 
fit  of  being  a  large,  capital-rich  company 

I’m  glossing  over  a  lot  of  issues  here.  But 
you  get  the  idea:  Externalization  effectively 
lets  business  processes  occur  at  warp 
speed  —  and  that  changes  everything. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Hosting 

continued  from  page  23. 

and  40%  by  having  Corio  host  and  manage 
his  Oracle  application  environment. 

“The  other  beauty  is  that  it’s  a  variable- 
cost  model  so  I  can  grow  or  shrink  that  en¬ 
vironment  on  an  as-needed  basis,”  he  says. 
“I  don’t  need  to  worry  about  hiring  people 
or  doing  reductions  if  we  downscale.” 

Such  experiences  are  once  more  driving 
businesses  toward  ASPs  and  hosting  ser¬ 


Nortel 

continued  from  page  23 

port  DS-3/E-3  with  one  port  of  OC-3.  The 
5500  also  supports  four-port  channelized 
DS-3,  two-port  channelized  STM-1,  one-port 
Gigabit  Ethernet  and  eight-port  Fast  Ether¬ 
net  interface  cards. 

Like  its  predecessor,  the  5500  is  optimized 
for  broadband  aggregation,  IP  VPNs  and 
personalized  IP  services  for  businesses  and 
residences.The  5500  supports  multiple  traf¬ 
fic  types  and  access  technologies,  includ¬ 
ing  Layer  2  Tunneling  Protocol  (L2TP), 
IPSec,  IP  over  ATM  and  IP  over  frame  relay. 

For  large  distributed 
networks,  the  SER  5500 
provides  subscriber 
management  and  per¬ 
sonalization  at  the  sub¬ 
scriber  edge  while 
feeding  into  Nortel’s 
MPE  9000  multiservice 
edge  router,  which  ag¬ 
gregates  Layer  2-3  ac¬ 
cess  into  multiple  net¬ 
work  services  in  the 
provider  core.  For 
smaller  networks,  the 
5500  may  be  used  with¬ 
out  the  MPE  9000  for 


vice  providers,  analysts  say 
“The  service  delivery  capabilities  of  the 
vendors  are  getting  reasonably  stable  and 
reasonably  reliable,  and  the  pricing  is  get¬ 
ting  competitive,”  says  Mary  Johnston 
Turner,  an  analyst  at  Summit  Strategies. 
“And  there’s  been  enough  of  a  track 
record  now  that  these  things  do  work,  that 
they  do  stay  up,  that  people’s  businesses 
don’t  crash  and  burn.  It’s  not  quite  main¬ 
stream  yet,  but  it’s  a  normal  question  to 
ask  for  many  companies  now. You  look  at 


broadband  aggregation,  VPN,  IP  services 
and  edge  routing,  Nortel  says. 

It  provides  for  the  billing  of  triple-play  — 
voice, data  and  video  —  applications  based 
on  volume,  time  or  application  type  via 
quality  of  service  and  flow-based  account¬ 
ing.  For  security  services,  it  provides  a  state- 
aware  firewall  with  network-wide  rule  pro¬ 
visioning  and  distributed  denial-of-service 
protection. 

The  5500  supports  both  Layer  3  Border 
Gateway  Protocol/MPLS  or  Layer  2  IPSec 
site-to-site  and  remote-access  VPNs,  as  well 
as  various  VPN  membership,  discovery  and 
tunneling  mechanisms  for  MPLS  and  virtu¬ 
al  router-based  environ¬ 
ments. 

The  5500  will  be  avail¬ 
able  next  month  and 
costs  about  $600,000. 

Dell’Oro  Group  ex¬ 
pects  sales  of  1G  bit/sec 
routers,  the  category 
where  the  5500  and 
5000  fit,  to  grow  only  1% 
this  year  from  last,  to 
$1.8  billion.  Dell’Oro 
expects  service  pro¬ 
viders  to  increasingly 
use  2.5G  bit/sec  routers 
for  edge  applications.  ■ 


outsourcing  vs.  do  it  yourself,  and  [ASPs 
and  Web  hosters  are]  another  piece  of 
that  discussion.” 

Another  factor  is  the  consolidation  of  the 
markets.  In  Web  hosting  over  the  past  year, 
Sawis  Communications  acquired  the  host¬ 
ing  assets  of  Cable  &  Wireless,  Equinix 
acquired  Sprint’s  hosting  customers,  MCI 
completed  its  acquisition  of  Digex,  and 
NaviSite  acquired  Interland  and  Conxion. 
Meanwhile,  managed  hosting  providers 
such  as  Rackspace  continue  to  see  a  grow¬ 
ing  customer  list. 

Customers  are  coming  to  providers  with 
hosting  needs  that  go  beyond  simple  Web 
sites  and  e-commerce. 

“What  we’re  doing  today  that  we  weren’t 
doing  two  years  ago  is  we’re  running 
more  and  more  highly  critical  applica¬ 
tions  that  are  Web  facing,  but  they’re  not 
Web  sites,”  says  Graham  Weston,  CEO  at 
the  hosting  firm  Rackspace  that  saw  rev¬ 
enue  jump  54%  in  the  past  year.  “Really 
managed  hosting  has  grown  up  to  where 
it  really  is  the  mainstream  way  of  hosting 
a  critical  application.” 

For  its  part,  the  ASP  market,  which  includ¬ 
ed  hundreds  of  players  during  the  dot-com 
boom,  is  boiling  down  to  two  major 
providers:  USinternetworking  and  Corio. 
BlueStar  also  remains,  and  bigger  out¬ 
sourcers  such  as  IBM  and  HP  are  starting  to 
place  greater  investments  in  application 
management  offerings. 

The  software  makers  also  recognize  a 
growing  demand  to  have  software  delivered 
as  a  service:  Oracle,  FeopleSoft  and  Siebel 
Systems  all  have  on-demand  offerings. 

Oracle  says  the  hosted  portion  of  its  busi¬ 
ness  is  its  fastest-growing  division. 

Customers  buy  the  Oracle  license  as  they 
would  with  a  packaged  deployment,  but 
then  pay  $150  per  month  per  user  for  the 
management  and  maintenance  of  the 
application,  says  Glenn  Lim.vice  president 


of  Oracle  On  Demand.  Oracle  also  offers  a 
satisfaction  guarantee  that  will  refund  cus¬ 
tomers  20%  of  the  monthly  fee  if  they  are 
not  satisfied  with  the  service. 

While  the  ASP  market  is  enjoying  “steady 
but  modest  growth,”  hurdles  remain  to 
widespread  adoption  of  ASP  services.  For 
example,  internal  IT  staff  are  concerned 
that  they  will  lose  control  over  applications 
hosted  by  third  parties,  says  Amy  Mizoras 
Konary  an  analyst  at  IDC. 

“Most  customers  have  pretty  complex 
infrastructures  today. They’ve  got  customi¬ 
zation,  they’ve  got  integration,  and  they’re 
concerned  that  their  ability  to  maintain 
those  integrations,  those  customizations, 
may  be  limited,”  she  says.  “In  most  cases 
it’s  not  going  to  be.  And  in  my  opinion 
working  with  service  providers  makes  the 
cost  of  those  more  visible  and  easier  to 
manage.” 

Kyle  Lambert,  vice  president  of  infor¬ 
mation  solutions  at  agricultural  firm  John 
I.  Haas  in  Yakima,  Wash.,  agrees.  He  began 
using  Oracle’s  hosted  service  about  three 
years  ago  when  he  moved  over  his  firm’s 
Oracle  ERP  package. 

Recently  he  transitioned  Internet  portal 
and  e-mail  applications  to  Oracle’s  host¬ 
ed  model. 

Because  Lambert  is  working  with  the 
application  developer,  he  will  be  able  to 
more  easily  integrate  the  three  applica¬ 
tion  services,  a  task  that  he  says  would 
have  been  a  management  headache  for 
in-house  staff. 

“We  are  working  together  to  come  up 
with  a  way  we  can  more  tightly  integrate 
them  so  that  we  have  single  sign-on  for  all 
of  our  services,”  he  says.  “We  want  to  have 
data  move  transparently  from  one  technol¬ 
ogy  stack  and  service  to  another  technolo¬ 
gy  stack  and  service  so  that  from  my  user 
standpoint  they  don’t  see  that  there  is  any 
difference  in  the  environment.”  ■ 


Nortel's  Services  Edge  Router  5500 
supports  4,096  IP  VPNs. 
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Nortel  BayStack  switches  prove  interoperability  with  Cisco  core  rivals 

A  quartet  of  Nortel  BayStack  edge  switches  demonstrate  key  interoperability  features 
common  to  converged  networks,  including  support  for  QoS,  VLANs  and  IP  Multicast 

3  Five  vendors  earn  inaugural  First  &  Foremost  certifications 

This  new  certification  program  from  The  Tolly  Group  focuses  on  products  that  are  the 
“first”  to  demonstrate  specific  performance  or  functionality,  or  are  “foremost”  in  their 
product  category 

4  Extreme  Networks  Summit  400  flexes  GbE  desktop  muscle 

Here’s  a  48-port,  Layer2/Layer  3  enterprise-class  edge  switch  that  operates  at  wire- 
speed,  delivers  fine  QoS  controls  and  offers  sophisticated  user  management 

5  Extreme  Networks  BiackDiamond  10K  sparkles  in  VoIP  quality, 
performance  and  resiliency  tests 

Resiliency  probe  shows  that  Nortel’s  core  switch  delivers  toll-quality  VoIP  even  under 
induced  system  and  network  outages,  or  during  resource-intensive  control  operations 

6  Allot  Communications  NetEnforcer  manages  Layer  7  traffic  at  2  Gbps 

Traffic  management  device  processes  mid-  to  large-sized  packets  at  wire  speed, 
controls  Peer-to-Peer  traffic  to  manage  bandwidth  effectively 


7  ADTRAN  NetVanta  1224R  hammers  home  single  platform  advantage 

Users  can  turn  to  a  single  integrated  platform  to  handle  Internet  and  IP-based 
application  security  and  outperform  multi-platform  alternatives  # 
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Nortel  BayStack  switches  prove 
interoperability  with  Cisco  core  rivals 


Proves  interoperability  in  six  tests  with  Cisco  Catalyst  4500  and  Catalyst  6500  switches  in  tests  of  auto¬ 
negotiation,  Link  Aggregation,  Gigabit  Ethernet  uplinks,  QoS,  VLANs  and  IGMP  snooping 

Achieves  IEEE  802.1p/Q  interoperability  with  Cisco  Catalyst  4500  and  Catalyst  6500  switches 

Supports  Link  Aggregation  with  Cisco  Catalyst  4500  and  Catalyst  6500  switches 

Proves  seamless  support  of  Per  VLAN  Spanning  Tree  Protocol  with  Cisco  Catalyst  4500  and  Catalyst 
6500  switches 

Examines  IGMP  traffic  and  prevents  unwanted  data  streams  from  affecting  network  performance  when 
Cisco  Catalyst  4500/Catalyst  6500  switches  function  as  IP  multicast  routers 

- j - , - j - - - - - t . . . . . 


Project  Profile 


Sponsor:  Nortel  Networks 

Document  number:  204112 

Product  Class:  Layer  2  switches 

Products  under  test: 

•  Nortel  Networks  BayStack  425-24T  Switch  SW  ver.  3.0.0.46 

•  Nortel  Networks  BayStack  460-24T-PWR  Switch  SW  ver.  3. 0.3.8 

•  Nortel  Networks  BayStack  470-24T,  470-48T  Switch  SW  ver. 
3. 0.3. 8 

•  Nortel  Networks  BayStack  5510-24T,  5510-48T  Switch  SW 
ver.  3.0.1 

•  Cisco  Systems,  Inc.  Catalyst  4500  Series  switch  SW  IOS 
ver.  12.1(13)EW 

•  Cisco  Systems,  Inc.  Catalyst  6500  Series  switch  SW  IOS 
ver.  12.1(8b)EX3 

Testing  window:  January  2004 

For  more  info  on  this  test,  visit:  http://www.nortelnetworks.com 


Nortel  Networks  commissioned  The  Tolly  Group  to  evaluate  the 
Layer  2  interoperability  of  the  Nortel  BayStack  425,  470,  460 
and  5510  switches  for  enterprise-class  edge  networks  especially  key 
interoperability  features  used  extensively  in  converged  networks  - 
QoS  (802.1  p),  VLANs  (802.1  Q)  and  IP  multicast. 

Tolly  Group  engineers  put  the  BayStack  425,  470,  460  and  5515 
switches  through  a  battery  of  tests  along  with  Cisco  Catalyst  4500 
and  Catalyst  6500  switches  to  reveal  the  depth  of  interoperability 
each  switch  provides. 


Tests  revealed  that  the  quartet  of  BayStack  edge  switches  tested 
interoperate  flawlessly  with  core  Catalyst  4500/Catalyst  6500  devices 
in  an  enterprise  network,  ensuring  network  convergence,  service 
convergence  and  application  convergence. 

In  a  world  of  ever-evolving  standards  and  tight  budgets,  network 
managers  searching  for  new  equipment  need  to  know  that  the 
switches  they  purchase  are  interoperable  with  their  current  infrastruc¬ 
ture.  It  is  important  for  managers  to  know  which  devices  can  work 
together  and  which  devices  can  maintain  interoperability. 


In  this  series  of  tests,  Nortel  Networks  proves  that  the 
BayStack  425,  470,  460  and  5510  switches  are  viable  can¬ 
didates  for  edge  switch  deployment.  But  this  test  tells  just 
one  side  of  a  multidimensional  approach  to  edge  switching 
taken  by  Nortel  Networks.  In  addition  to  its  rich  display  of 
interoperability,  Nortel  Networks  is  factoring  in  a  diverse  set 
of  Optivity  network  management  tools  to  provide  users  with 
fine-grained  control  over  edge  switching  and  bandwidth 
policies  that  will  ensure  convergence  at  many  levels. 

Moreover,  Nortel’s  QoS  support  is  very  granular  -  meaning 
Nortel  offers  support  for  up  to  eight  traffic  queues  versus  just 
four  for  Cisco  and  policy  configuration  is  not  as  rigid  as 
“off/on”  but  can  be  provisioned  by  a  variety  of  management 
options  including  SSHv2,  SNMPv3,  Device  Manager  GUI  for 
configuration  control,  QoS  wizards,  OSM  &  Optivity  integra¬ 
tion,  and  common  command  line  interface  (CLI). 

It  is  clear  that  any  of  the  Nortel  edge  network  capabilities 
tested  can  be  managed  to  ensure  edge  policy  decisions  are 
handled  expediently  and  with  minimal  hassle. 

Check  out  the  full  report  on  The  Tolly  Group’s  Web  site  at: 

http://www.  tolly.  com/DocDetail.  aspx?DocNumber= 204112 


BayStack  425,  470,  460  and  5510  Switches 
Layer  2  Interoperability  Evaluation  -  Convergence  Focus 
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Network  innovators  earn  inaugural  "First  &  Foremost"  awards 


The  First  &  Foremost  designation  is  awarded  to  products  that  cue  the  ’First' 
to  demonstrate  specific  performance  or  functionality  in  The  Tolly  Group's  labs. 
Products  also  may  earn  a  "Foremost"  designation  by  demonstrating  record 
performance  or  improved  functionality  that  exceeds  other  products  previously 
tested  and  certified  by  The  Tolly  Group.  Such  products  are  deemed  the 
" Foremost "  in  their  category  by  performance  or  by  functionality. 

To  view  more  inaugural  "First  &  Foremost"  award  recipients,  visit 
http:  /  /  www.  tolly.  com/FF/  FF_home.  aspx 


ADTRAN,  Inc 


Adirati 


NetVanta  1224R 


All-in-one  network  access  device  combines  a  24-port  managed  Ethernet  switch, 
Certification  20041104  WAN  access  router,  stateful  inspection  firewall,  and  VPN  capability  in  a  1 U  platform 


April  2004 


3Com  Corp. 

Router  5009  (3C13700) 


3Com 


Modular  Edge  Router  -  Desktop  form  factor  -  2  "Smart  Interface  Card"  slots 


and  1  "Multi-function  Module"  slot.  128MB  Memory 

First "  WAN  Router  Tolly  Verified  as  Cisco  Interoperable 


Certification  20041103 
January  2004 


Analog  Devices,  Inc. 

Fusiv-Vx200  Network  Processor 

Network  processor 

"First”  Consumer-class  Network  Processor  with 
Wire-speed  Fast  Ethernet  Firewall 


ANALOG 

DEVICES 


Certification  20041108 
March  2004 


Extreme  Networks 

Summit  400-48t 


48-port  1 0/1 00/1 000  Gigabit  Ethernet  Edge  Switch  with  two  1 0-Gigabit  Certification  20041101 


XENPACK  Uplinks  and  optional  EPS-160  redundant  AC  power  supply 


March  2004 


"First"  100  Mpps  Fixed  Port  Gigabit  Ethernet  Switch 


Extreme  Networks 

Summit  40(M8t 


Certification  20041102  48-port  1 0/1 00/1 000  Gigabit  Ethernet  Edge  Switch  with  two  1 0-Gigabit 
March  2004  XENPACK  Uplinks  and  optional  EPS-1 60  redundant  AC  power  supply 

"Foremost"  Performance  -  Fixed  Port  Gigabit  Ethernet  Switch 
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June  2004 


Extreme  Networks  Summit  400  flexes 
Gigabit  Ethernet  desktop  muscle 


Delivers  system  throughput  of  101  million  pps  and  68  Gbps 

Achieves  wire-speed,  40  Gbps  in  "Edge-to-Core"  test  using  10-Gigabit  Ethernet  uplinks 
Offers  advanced  QoS  features  such  as  eight  traffic  queues  and  per-port  rate  limiting 
Provides  sophisticated  user  management  and  security  features 

Provides  robust  hardware  and  software  redundancy  features,  including  RSTP,  link  aggregation  and 
redundant  power  supply 


Sponsor:  Extreme  Networks,  Inc. 

Document  number:  204123 
Product  class:  Gigabit  Ethernet  Switch 
Products  under  test: 

•  Extreme  Networks  Summit  400-48t 
Testing  window:  March  2004 
For  more  info  on  this  test,  visit: 
http://www.extremenetworks.com 


- — — — - - — — - - — 

Recent  tests  show  that  Extreme  Networks®  Summit®  400  Gigabit 
Ethernet  switch  delivers  wire-speed  throughput  at  Layer  21 
Layer  3  and  can  process  in  excess  of  100  million  64-byte  packets 
per  second. 

Extreme  Networks,  Inc.  commissioned  The  Tolly  Group  to  evaluate 
its  Summit  400-48t,  a  48-port  Gigabit  Ethernet  Layer  2  and  Layer  3 
switch  designed  for  use  as  an  enterprise-class  edge  switch  to 
connect  Gigabit  Ethernet-attached  desktops.  The  Summit  400-48t 
is  a  fixed-port  model  that  supports  two  optional  10-Gigabit  Ethernet 
uplinks,  an  optional  redundant  power  supply,  and  an  array  of  software 
features  that  make  it  suitable  as  an  intelligent  edge  switch. 


Layer  2/Layer  3  10-Gigabit  Ethernet  Throughput: 
All  Ports  Paired  and  Edge-to-Core  Tests1 

100 -/I 


512  1,518 

Frame  size  (bytes) 


I  All  Ports  □  Edge-to-Core 


1  Results  are  for  two  test  scenarios:  In  the  first  scenario,  all  ports  transmitted  data  at 
Layer  2/Layer  3  for  an  aggregate  of  68  Gbps,  while  the  second  scenario  represented 
Layer  2/Layer  3  uplink  throughput  from  the  network  edge  to  the  core  switch,  with  40 
Gbps  traversing  the  links. 

i 


WBBHBnBBMlwHfHBBB 


networks 


In  an  “edge-to-core”  scenario  that  exercised  the  switches' 
two  10-Gigabit  Ethernet  uplinks,  the  switch  performed  at 
wire  speed  delivering  40  Gbps  of  throughput  across  the 
10-Gigabit  Ethernet  uplinks.  The  Tolly  Group  also  validated 
significant  product  capabilities  in  the  areas  of  QoS,  security, 
and  user  management/system  management. 

The  Summit  400  not  only  demonstrated  core  support  for 
both  VLANs  and  QoS,  but  advanced  traffic  shaping  as 
well.  The  Summit  400  is  able  to  provision  eight  traffic 
queues  to  provide  for  very  granular  control  over  multiple 
types  of  traffic.  With  per-port  rate  limiting,  the  Summit  400 
illustrates  that  traffic  flows  can  be  tuned  further  by  creat¬ 
ing  “logical  pipes”  of  bandwidth  per  traffic  classification 
rather  than  being  able  to  provision  only  at  the  10/100/ 

1000  port  level. 

Close  to  30  certifications  were  awarded  to  the  Summit  400 
under  the  Tolly  Verified  certification  program,  with  at  least 
five  “firsts,”  including  per-port  rate  limiting,  as  well  as 
several  related  to  802. IX  and  user  authentication. 

The  Tolly  Group  also  certified  a  number  of  System 
Management,  Security  and  User  Management  facilities 
including:  The'Summit  400’s  Rapid  Spanning  Tree  Protocol 
support,  support  for  Link  Aggregation,  802. IX  “per  MAC” 
authentication,  Dynamic  VLAN  assignment,  as  well  as  URL  “hijacking”  and  URL 
automatic  redirect  capabilities.  Check  out  the  full  report  on  The  Tolly  Group’s 
Web  site:  http://www.tolly.com/DocDetail. aspx?DocNumber=2041 23. 


9,000 


I 


Special  Advertising  Section 


June  2004 


Extreme  Networks  BlackDiamond  10K  sparkles  in 
VoIP  quality,  performance  and  resiliency  tests 


•  Demonstrates  network  scalability,  resiliency,  security  and  extensibility  to  meet  the  demands  of  next- 
,  generation  core  networks 

•  Delivers  toll-quality  VoIP  call  performance  under  various  induced  system  and  network  outages,  even  under 
the  most  resource-intensive  control  task  operations 

•  Demonstrates  non-stop  operation  and  VoIP  traffic  delivery  even  during  Denial  of  Service  attacks  while 
provisioning  30,000  ACL  rules,  or  while  processing  one  million  BGP  routes 

•  Achieves  hitless  failover  of  system  components,  including  management  and  switch  fabric  modules,  power 
management  modules,  fan  trays  and  network-level  protocols 


Recent  tests  conducted  for  Extreme  Networks®  proved  that  the 
vendor’s  BlackDiamond®  10808  delivers  on  the  three  most 
critical  requirements  for  core  network  switches  -  reliability,  resiliency 
and  rock-solid  uptime. 


Extreme  commissioned  The  Tolly  Group  to  evaluate  its 
BlackDiamond  10808  (BlackDiamond  10K),  a  scalable  chassis- 
based  Gigabit  Ethernet  switch  outfitted  with  Gigabit  Ethernet  and 
10-Gigabit  Ethernet  blades  and  designed  to  serve  in  the  network 
core  of  service  provider  and  enterprise-class  networks. 


Tests  show  that  the  BlackDiamond  lOK’s  built-in  resiliency 
capabilities  enable  the  device  to  rebound  from  induced  failures  in 
just  milliseconds,  and  in  some  cases  with  zero  measurable  impact. 
Tests  also  show  the  BlackDiamond  10K  carries  VoIP  traffic, 
even  under  conditions  of  duress,  while  still  maintaining 
‘excellent’  toll  quality.  Tolly  Verified  tests,  detailed  below, 
illustrated  substantial  capabilities  in  the  areas  of  QoS, 
security,  and  user  management/system  management. 

In  VoIP  call  quality  tests,  under  every  induced  failure 
scenario,  the  BlackDiamond  10K  responded  by  delivering 
excellent  quality  VoIP  -  delivering  a  PSQM  score  of  0.4, 
which  equates  to  excellent  toll  quality  by  a  wide  margin. 


This  means  that  network  managers  can  confidently  deploy 
toll-quality  VoIP  services  with  non-stop  operation  regardless 
of  network  failures,  system  component  failures,  or  field 
maintenance  replacements. 


► 


The  BlackDiamond  10K  also  allows  for  in-service  maintenance 
without  single  points  of  failure  as  demonstrated  by  hot- 
swappable  Management  and  Switch  Fabric  Modules,  Power 
Management  Modules,  Power  Supplies  and  Fan  trays. 

Failure  or  replacement  of  these  components  does  not  result 
in  costly  outages  and  it  will  not  impact  network  performance. 
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Project  Profile 


Sponsor:  Extreme  Networks,  Inc. 

Document  number:  204124 

Product  class:  10-Gigabit  Ethernet  Switch 

Products  under  test: 

•  Extreme  Networks  BlackDiamond  10808 

Software:  ExtremeWare  XOS  version  10.2.0.4  BETA 

Testing  window:  March  2004 

For  more  info  on  this  test,  visit: 

h  ttp :  //www.  extremenetworks.com 
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Maintained  VoIP  Quality  (PSQM) 
During  Induced  Failures 

(Lower  is  Better  Quality) 
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□  Power  Management  Module  Failure 

□  Power  Supply  Failure 

□  Fan  Tray  Failure 

■  EAPS  Link  Failure 

■  MSM  Failure 

Toll  Quality  Voice  (1.5  PSQM  score  anc^below) 


)  Advanced  resiliency  features  are  also  built  into  the 
BlackDiamond’s  modular  ExtremeWare  XOS  operating 
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system,  such  as  hitless  software  upgrades,  and  memory  protection  of  individual  application  tasks.  Extreme  Networks’  Ethernet 
Automatic  Protection  Switching  (EAPS)  provides  loop  prevention  and  sub-50  ms  convergence  times. 


Check  out  the  full  report  on  The  Tolly  Group’s  Web  site  at:  http://www.tolly.com/DocDetail. aspx?DocNumber=204124. 
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Allot  Communications  NetEnforcer 
manages  Layer  7  traffic  at  2  Gbps 


•  Demonstrates  wire-speed  bidirectional  throughput  for  256-,  51 2-,  1 ,024-  and  1 ,518-byte  frames  with 
500,000  active  connections 

•  Maintains  less  than  33  microsecond  average  latency  at  100%  of  the  bidirectional  throughput  rate 

•  Recognizes  and  controls,  with  Layer  7  classification,  P2P  applications  (such  as  Kazaa  and  eDonkey) 
successfully  under  full  traffic  load 

•  Provides  less  than  2  milliseconds  of  fail-over  time  using  NetEnforcer  Fiber  Bypass 

•  Implements  bandwidth  fairness  among  traffic  and  user  streams 

- — . — . — — - - — - — - — — ■ — — — - — — — - — - ................ - [ — s - i — m - m - 


Project  Profile 


Sponsor:  Allot  Communications 
Document  number:  204125 
Product  class:  Carrier-grade 
traffic  management  appliance 
Products  under  test: 

•  Allot  Communications 
NetEnforcer  AC-1 01 0 
SP/1G  software  version 
5.1.1  Build  7 

Testing  window:  April  2004 
For  more  info  on  this  test,  visit: 

http://www.allot.com 


Recent  tests  conducted  on  Allot 
Communications  NetEnforcer 
AC-1010  reveal  that  the  traffic  manage¬ 
ment  device  processes  mid-  to  large¬ 
sized  packets  at  wire-speed,  while  also 
controlling  Peer-to-Peer  (P2P)  traffic  to 
manage  bandwidth  effectively. 

Tolly  Group  throughput  testing  demon¬ 
strates  that  the  NetEnforcer  AC-1010  is 
capable  of  processing  traffic  at  gigabit 
speeds  even  under  significant  process¬ 
ing  loads.  By  delivering  zero-loss 
wire-speed  throughput  at  2  Mbps  the 
NetEnforcer  AC-1 000  shows  that  it 
can  handle  complex  Quality  of  Service 
(QoS)  and  service-processing  requests 
without  impacting  overall  device  perform¬ 
ance.  Such  performance  proves  the 
NetEnforcer  AC-1000  Series  can  meet 
the  rigorous  demands  of  carriers  and 
large  enterprise  networks. 


Engineers  measured  the  zero-loss  bi¬ 
directional  throughput  of  the  NetEnforcer 
AC-1010  when  handling  500,000 
active  connections.  Throughput 
measurements  were  recorded  when 
the  NetEnforcer-1010  was  subjected 
to  frame  sizes  of  256,  512,  1,024  and 
1,518  bytes.  In  every  test  case,  the 
NetEnforcer  AC-1010  achieved  100% 
of  the  theoretical  maximum  zero-loss 
throughput,  which  equates  to  2  Gbps 
of  steady-state  performance. 


The  NetEnforcer  recognizes  and 
classifies  applications  by  their 
application  signature  (Layer  7  classifi¬ 
cation)  so  carriers  and  enterprise 
users  can  effectively  manage  P2P 
and  business-critical  traffic,  permitting 
as  much  or  as  little  bandwidth 
consumption  as  required.  Check  out 
the  full  report  on  The  Tolly  Group’s 
Web  site:  http://www.tolly.com/ 
DocDetail.aspx?DocNumber=2041 25. 


When  QoS  was 
enabled  on  the 
NetEnforcer  AC-1 01 0 
and  parameters  were 
set  to  restrict  traffic 
from  multiple  P2P 
applications,  TCP 
traffic  flowed  at  a  rate 
of  1  Gbps,  while  P2P 
traffic  flowed  at  100 
Mbps  each,  down  from 
200  Mbps  previously. 

Using  the  NetEnforcer 
AC-1010  traffic  control 
facilities,  carriers  can 
establish  a  wide  range 
of  policies  that  guaran¬ 
tee  or  limit  bandwidth 
as  well  as  prioritize 
traffic  types  for  every 
subscriber,  class  of  ser¬ 
vice  or  session.  This  flexibility  allows 
carriers  to  set  the  exact  policies  that  will 
let  them  deliver  services  that  meet  the 
needs  of  target  markets. 


Zero-Loss  (<  0.001%)  Bidirectional  Throughput 
Across  NetEnforcer  AC-1010  with  500,000 
Active  Connections 
as  Reported  by  Ixia  IxExplorer 
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512 


1,024 


1,518 


Ethernet  frame  size  (bytes) 
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ADTRAN  NetVanta  1224R  hammers 
home  single  platform  advantage 


Outperforms  comparable  Cisco  multi-box  solution  by  68%  in  bidirectional  firewall  throughput  tests 
when  handling  64-byte  Ethernet  frames 

Demonstrates  non-blocking  Ethernet  switching  for  every  frame  size  in  a  24-port  Fast  Ethernet 
fully  meshed  configuration 

Maintains  excellent  VoIP  call  quality  across  WAN  infrastructure  due  to  very  low  latency  and  intelligent 
QoS  features  even  when  link  is  oversubscribed 

Provides  significantly  better  inter-VLAN  routing  throughput  than  the  comparable  Cisco  multi-box  solution 


Growth  in  the  number  of  enterprise  branch  offices  that  support 
Internet  and  IP-based  applications  is  increasing  the  need  for 
managed  switching  functionality  at  the  network  edge. 

Users  who  traditionally  were  forced  to  deploy  a  multi-platform  solu¬ 
tion  consisting  of  routers  and  switches  now  can  turn  to  an  integrated 
platform  approach  that  outperforms  multi-platform  alternatives. 

ADTRAN®  commissioned  The  Tolly  Group  to  evaluate  its 
NetVanta®  1224R,  an  all-in-one  managed  Layer  2  Ethernet  switch 
with  integral  IP  router,  modular  WAN  interface,  firewall,  and  VPN, 
to  determine  the  effectiveness  of  a  single-system  solution  for 
WAN/LAN  connectivity  versus  a  multi-platform  switch  and  router 
solution  from  Cisco  Systems,  Inc.  The  Tolly  Group  benchmarked 
the  performance  of  the  NetVanta  1224R  against  a  Cisco  2950 
Layer  2  switch  and  a  Cisco  1721  modular  access  router. 

Tests  show  that  the  NetVanta  1224R  performs  comparably  to  the 
Cisco  solution  for  medium-to-large  frame  sizes,  but  the  ADTRAN 
device  holds  a  distinct  advantage  when  handling  the  more  taxing 
64-byte  frames,  which  is  typical  of  applications  such  as  VoIP. 

On  the  latency  front,  the  NetVanta  1224R  did  not  introduce  jitter 
into  the  network  as  shown  by  the  consistent  latency  measure¬ 
ment  that  ranged  from  0.53  ms.  to  0.59  ms.  However,  the  Cisco 
solution  introduced  latency  that  spiked  as  high  as  0.95  ms.  for 
64-byte  frames,  and  as  low  as  0.38  for  512-byte  frames. 

With  regard  to  inter-VLAN  throughput,  the  NetVanta  1224R  deliv¬ 
ered  up  to  200  Mbps  of  bidirectional  zero-loss  throughput,  while 
the  two  Cisco  devices  leveled  off  at  512-byte  frames  and  deliv¬ 
ered  a  maximum  of  99  Mbps  of  bidirectional  throughput.  From  a 
call-quality  perspective,  both  the  ADTRAN  and  Cisco  equipment 
performed  almost  identically  offering  excellent  call-quality  support. 

Test  results  suggest  that  there  are  inherent  performance 
advantages  that  stem  from  the  integration  of  managed  Layer  2 
switching  and  the  routing  capabilities  provided  by  the  NetVanta 
1224R  versus  a  two-box  solution  from  Cisco.  Obviously,  there 
are  throughput  gains  to  be  had,  and  there  are  also  implications 
for  increased  latency  for  smaller  frames  when  handled  by  the 
Cisco  solution,  thereby  possibly  affecting  delay-sensitive  appli¬ 
cations  such  as  VoIP.  Check  out  the  full  report  on  The  Tolly 
Group's  Web  site  at:  http://www.tolly.com/DocDetail.aspx? 
DocNumber= 204 1 22. 
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Sponsor:  ADTRAN,  Inc. 

Document  number:  204122 

Product  class:  Ethernet  switch  and  access  router 

Products  under  test: 

•  NetVanta  1224R/STR  Managed  Layer  2  Ethernet 
Switch  with  integral  IP  Router,  modular  WAN 
interface,  and  firewall:  version  6.0.34 

•  Cisco  2950  12.1(19)EA1c  24-port  Managed 
Layer  2  Ethernet  Switch 

•  Cisco  1721  12.3(6)  Access  Router 
Testing  window:  March  2004 

For  more  info  on  this  test,  visit: 
http://www. ADTRAN  .com 


Zero-Loss(<  0.001  %)  Bidirectional 
Routing  and  Firewall  Throughput 

Across  WAN  (Frame  Relay  over  T1)  with  10  Active  Rules 
and  200  Active  Sessions  as  Reported  by  SmartWindow 


ADTRAN  NetVanta 
1224R 


Cisco 

1721/2950 


Ethernet  frame: 
64  bytes  ■  512  bytes 


1,500  bytes 
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Introducing  the  NetVanta  1224STR  from  ADTRAN’ 


Dare  to  Compare! 

NetVanta 

1224STR 

Managed,  24-Port 

Layer  2  Switch 

✓ 

Gigabit  Ethernet  Uplinks 

✓ 

IP  Access  Router 

✓ 

Stateful  Inspection  Firewall 

✓ 

OSU/CSU 

✓ 

QoS 

✓ 

VLAN  trunking 

✓ 

Command  Line  Interface  (CLI) 

✓ 

Intuitive  Web  GUI 

✓ 

ADTRAN  OS 

✓ 

Optional  Virtual  Private 
Networking 

✓ 

Optional  Dial  Backup 

✓ 

Optional  PBX  Connectivity 

✓ 

Unlimited  Telephone 

Technical  Support 

✓ 

Free  Firmware  Updates 

✓ 

5- Year  Warranty 

✓ 

Available  at  a  price  point  well  below  competing 
multi-box  solutions,  the  NetVanta  1224STR 
will  change  the  way  you  connect  remote  locations. 


Lower  the  cost  of  enterprise  connectivity  with  the  powerful  new 
NetVanta  1224STR.  This  full-function  WAN/LAN  access  platform 
does  the  work  of five  devices  for  the  price  of  one.  Suitable  for  networks 
of  any  size,  the  NetVanta  1224STR  offers  everything  you  need  to  bring 
a  branch  office  or  remote  location  online,  including  managed  Layer  2 
Ethernet  switching,  full-featured  IP  routing,  firewall  protection,  VPN, 
and  WAN  termination — all  in  a  compact  1U  chassis.  It  is  QoS,  VLAN, 
and  Gigabit  Ethernet  capable,  and  offers  affordable  dial  backup  and 
voice  options.  ADTRAN’s  new  NetVanta  1000  Series  of  Layer  2  Ethernet 
switches  is  backed  by  a  100%  satisfaction  guarantee,  including  unlimited 
technical  support,  free  firmware  upgrades,  and  a  5-year  warranty. 


il  Test  drive  a  NetVanta  1224STR  today! 
Win  a  free  baseball  cap! 

www.adtran.com/info/coolswitch 


877.591.3055  Technical  Questions 
877.280.8416  Where  to  Buy 


The  NetVanta  Series 


NetVanta  1000  Series  NetVanta  2000  Series  NetVanta  3000  Series 

Integrated  Switch/Router  Platforms  Firewalls/VPN  IP  Routers 

Managed  Layer  2  Ethernet  Switches 


The  Network  Access  Company 
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looking  to  get  bigger. 


second  chance,  users  get  deals 


As  CLECs  get  a 

■  BY  GRANT  GROSS 

Anderson  Columbia  Co., a  road  construction  contrac¬ 
tor  in  Lake  City  Fla.,  chose  to  switch  to  telecom 
provider  ITC  DeltaCom  just  five  months  before  the 
competitive  local  exchange  carrier  filed  for  bankruptcy 
But  Mark  Resler,  communications  manager  for  Ander¬ 
son  Columbia, says  he  wasn’t  concerned  about  the  bank¬ 
ruptcy,  filed  in  June  2002.“It’s  done  all  the  time  in  the  cor¬ 
porate  world,”  he  says. 

When  Anderson  Columbia  switched.it  saved  10%  to 
15%  on  telecom  services,  amounting  to  more  than  $3,000 
per  month,  he  says.The  company  with  about  1,000 
employees,  uses  ITC  DeltaCom  for  local  and  long-dis¬ 
tance  service, T-l  lines  and  frame  relay  connections  for  its 
10  locations  in  northern  Florida. 

While  investors  in  CLECs  have  lost  billions  of  dollars, 
the  competitive  carriers  that  survive  are  fighting  hard  for 
the  business  of  companies  such  as  Anderson  Columbia. 
In  addition  to  saving  the  construction  contractor  money, 
ITC  DeltaCom  offers  personalized  customer  service  that 
Resler  says  he  doubts  would  be  available  from  most 
larger  carriers.“My  requests  get  handled  real  well,”  he 
says.“They  call  back  relatively  quickly’ 

Taking  different  paths 

Telecom  observers  have  seen  dozens  of  small  and  mid¬ 
size  CLECs  emerge  from  bankruptcy  in  the  past  year,  and 
even  more  came  back  in  the  previous  year.  Some  sur¬ 
vivors  are  gobbling  up  smaller  competitors,  some  are  cut¬ 
ting  back  on  services  or  markets,  some  are  offering  new 
services  and  still  others  are  just  trying  to  turn  a  profit. The 
good  news  for  telecom  buyers  is  that  these  formerly 
bankrupt  CLECs  are  focused  on  competing  with  their 
larger  cousins  and  with  incumbent  car¬ 
riers,  sometimes  by  lowering  prices  and 
sometimes  by  trying  to  offer  bundled 
services  or  better  customer  service. 

“It’s  good  for  customers  right  now;”  says 
Nancy  Kaplan,  vice  president  of  tele¬ 
com  strategy  consultant  Adventis. 

“CLECs  are  going  after  customers  with 
lower  prices.” 

Price  competition,  however,  might  not 
be  a  winning  game  for  many  smaller 
CLECs,  when  large  CLECs  and  the 
RBOCs  have  economies  of  scale  on 
their  side,  Kaplan  says.“If  all  you’re  going 
to  do  is  play  on  price,  that’s  a  difficult 
sell,” she  says.“Some  of  these  companies  will  emerge  very 
strongly, some  of  them  will  be  bought  by  other  carriers, 
and  some  of  them  aren’t  going  to  make  it." 

While  customers  should  pay  attention  to  CLECs’  finan¬ 
cial  reports, service  won’t  get  turned  off  overnight  if  a 
carrier  doesn’t  succeed  in  the  long  term,  Kaplan  says. 
Worst  case,  a  customer  would  have  to  eventually  negoti¬ 
ate  another  telecom  contract  if  a  CLEC  doesn’t  survive, 
she  adds. 

Often  CLECs  emerging  from  bankruptcy  don’t  offer  busi¬ 
ness  plans  that  are  radically  different  than  they  offered 
before.  In  the  case  of  AboveNet,a  fiber-based  telecom 
carrier,  bankruptcy  meant  cutting  loose  three  data  centers 
and  getting  rid  of  “fiber  bank  contracts,”  where  customers 


bought  contracts  based  on  estimated  future  needs. 

While  those  contracts  were  “spectacular  from  a  revenue 
point  of  view,  they  were  a  disaster  from  a  planning  point 
of  view?’ says  AboveNet  President  and 
CEO  William  LaPerch.who  joined  the 
company  in  January,  three  months  after 
it  emerged  from  bankruptcy 

AboveNet,  formerly  called 
Metromedia  Fiber  Network,  now  is 
focused  on  what  LaPerch  says  is  its 
strength:  Delivering  services  based  on 
its  2.1  million  miles  of  fiber  lines  in  13 
major  US.  markets.  In  March,  the  com¬ 
pany  announced  a  dedicated  Ethernet 
service  and  in  April  said  that  E! 

Networks  had  become  a  customer  of 
its  Metro  Gig-ETM  high-speed  optical  IP 
connection. 

The  “growth-at-all-costs”  mentality  of 
2000-01  among  CLECs  is  gone,  LaPerch  says.The  old  men¬ 
tality  of  building  a  field  of  dreams  . . .  was  given  up  for  a 
more  conservative  model,”  he  adds. 

The  company  is  focused  on  providing  high-end  IP  ser¬ 
vices  instead  of  competing  with  other  carriers  strictly  on 
price.” When  I’m  competing  on  price,  there’s  a  sense  of 
desperation  in  the  folks  I’m  competing  with,  and  1  get  out 
of  that  space,”  he  says. 

Getting  bigger  is  the  game  plan 

While  AboveNet  has  fine-tuned  its  business  plan  to  “the 
right  focus,”  as  LaPerch  calls  it,  other  carriers  such  as  ITC 
DeltaCom  and  XO  Communications  have  pegged  their 
future  on  growth  through  acquisitions. 

ITC  DeltaCom,  which  came  out  of  bankruptcy  in 

October  2002,  merged  with  BTI  Telecom 
a  year  later,  and  the  West  Pbint,  Ga.,  com¬ 
pany  might  complete  a  second,  or  even 
a  third,  merger  by  late  this  year, says 
Larry  Williams,  ITC  DeltaCom’s  chair¬ 
man  and  CEO. 

ITC  DeltaCom,  which  packages  ser¬ 
vices  such  as  T-l  Internet  and  voice 
offerings,  also  has  focused  on  price 
competition  since  emerging  from  bank¬ 
ruptcy  Williams  says.  BellSouth  drives 
prices  in  the  retail  market,  where  ITC 
DeltaCom  focuses  its  energies,  Williams 
says.The  CLEC  continues  to  sell  some 
of  its  bandwidth  in  the  wholesale  mar¬ 
ket  as  well. 

“We’ve  finally  corrected  our  pricing  to  make  sure  we’re 
in  line  with  our  competition, ’’Williams  says. 

In  March,  the  carrier  introduced  its  Simplici-T  Plus  bun¬ 
dle  of  voice,  Internet  access  and  site-to-site  transfer  on 
one  T-l  line.  But  a  major  part  of  the  company’s  business 
plan  is  to  save  money  by  merging  with  other  CLECs  in  the 
southeastern  U.S.and  consolidating  operations.The  com¬ 
pany  this  year  expects  to  cut  costs  by  more  than  $23  mil¬ 
lion  through  its  merger  with  BTI. 

ITC  DeltaCom,  with  50,000  business  customers  and 
20,000  residential  customers, sees  strength  in  adding 
more  customers,  Williams  says.“Now  that  a  lot  of  compa¬ 
nies  have  cleaned  up  their  balance  sheets  ...we  see  as 


one  of  our  strengths  going  forward  being  able  to  consoli¬ 
date  some  of  these  people,”  he  says. 

XO,  which  emerged  from  bankruptcy  in  January  2003, 
completed  an  acquisition  of  fellow 
CLEC  Allegiance  Telecom  in  April.  XO 
posted  a  loss  from  operations  of  $43.3 
million  in  the  first  quarter,  but  CEO 
Carl  Grivner  says  the  acquisition  will 
help  the  company  move  toward  prof¬ 
itability  faster. The  company,  with 
180,000  customers  ranging  from  small 
to  large,  plans  to  be  profitable  next 
year,  he  says. 

XO  provides  a  range  of  telecom  ser¬ 
vices,  including  local  and  long-dis¬ 
tance  voice,  Internet  access, VPNs  and 
Web  hosting.  Since  filing  for  bankrupt¬ 
cy,  the  company  has  consolidated 
some  of  its  services,  cutting  the  num¬ 
ber  of  packages  it  offers  from  about  60  to  about  12,  and 
nixing  some  of  its  DSL  offerings  to  small  businesses, 
Grivner  says. 

The  company  also  is  focusing  on  customer  service  as 
a  way  to  set  itself  apart  from  bigger  competitors.”  [Cus¬ 
tomers]  are  less  enamored  with  technology  for  technol¬ 
ogy’s  sake,  and  more  focused  on  customer  service,” 
he  says. 

Broadband  provider  Covad  Communications  is  look¬ 
ing  at  providing  VoIP  service  in  addition  to  Web  hosting, 
e-mail  hosting  and  other  traditional  IP  services. 

Covad,  sometimes  called  a  data  LEC,  emerged  from 
bankruptcy  in  December  2001  and  announced  plans  in 
March  to  acquire  VoIP  provider  GoBeam.  Covad  owns 
most  of  the  network  facilities  it  uses  and  sees  that  as  an 
advantage  in  the  growing  VoIP  market,  says  Charles 
Hoffman,  Covad  president  and  CEO. 

“Unlike  most  others  getting  into  this  [VoIP]  game,  we 
can  control  the  quality  of  service  from  end  to  end,” 
he  says. 

Expect  more  mergers  and  acquisitions  as  the  CLEC 
industry  continues  to  look  for  ways  to  become  more 
efficient, says  Carlyn  Taylor,  senior  managing  director  in 
corporate  finance/restructuring  practice  of  FTI 
Consulting. 

Taylor,  whose  group  has  advised  dozens  of  CLECs  dur¬ 
ing  bankruptcy, says  she  still  sees  vastly  different  cost 
structures  among  CLECs,  with  some  inefficient  compa¬ 
nies  spending  three  times  what  others  do  to  attract  each 
customer.  Because  of  those  differences  in  costs,  some 
CLECs  remain  good  targets  for  acquisitions, she  says. 

CLECs  covering  wide  geographical  regions  tend  to 
have  problems,  while  those  offering  a  deep  bundle  of 
services  in  smaller  regions  should  be  able  to  compete, 
she  says. 

“There  are  maybe  a  dozen  CLECs  that  have  used  the 
last  couple  of  years  to  significantly  cut  their  costs  to 
become  more  efficient”Taylor  says.“In  my  opinion, 
there’s  nothing  wrong  with  the  core  business  model.  As 
these  companies  bulk  up, you’ll  see  more  companies  . . . 
that  are  cash-flow  positive.” 

Gross  is  a  correspondent  with  the  IDG  News  Service’s 
Washington,  D.  C.,  bureau. 


Where  did 
they  go? 

IDC  estimates  that  of 
300  CLECs  in  the  U.S.  in 
2000,  about  60  remain, 
with  more  than  $20  bil¬ 
lion  in  debts  written  off 
since  then. 


Hard  times 

According  to  FTI 
Consulting,  30  CLECs 
filed  for  bankruptcy 
between  the  second 
quarter  of  2000  and 
the  first  quarter  of  this 
year,  not  including 
several  other  private 
restructurings. 


Predict 


Virus  Outbreaks? 


Believe  it. 


Introducing  IronPort  Virus  Outbreak  Filters 

Today’s  email  borne  viruses  propagate  globally  in  hours  or  minutes,  much 
faster  than  traditional  defenses  can  react,  leaving  you  exposed  to  the  “reaction 
time  gap’.’  IronPort’s  Virus  Outbreak  Filters™  stop  viruses  4  to  6  hours  before 
traditional  virus  definition  files  are  available,  literally  predicting  virus  attacks 
before  they  cause  harm.  Predict  your  future  at  www.ironport.com/avi 

(T)  IRONPORT 

Rebuilding  the  World’s  Email  Infrastructure. 


POWERED  BY 

A/Vi 

IronPort’s  A/Vi  technology 
is  a  series  of  algorithms 
that  process  data  from 
SenderBaseT  the  world's 
largest  email  traffic 
monitoring  network  . 
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DS-UWB  enables  convergence 


HOW  IT  WORKS 


Direct  Sequence  UWB 


DS-UWB  serves  as  the  basis  for  personal  area 
networks  that  link  mobile  phones,  media  players, 
digital  cameras,  camcorders  and  other  electronic 
devices. 
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Consumer  electronics  Computing 


Mobile 


O  User  inputs  data  into  a  mobile  device. 

©  DS-UWB  transmits  data  by  pulses  generated  at  very  high  rates  in  excess  of  1  billion 
pulses  per  second.  DS-UWB  also  uses  coherent  processing  over  the  entire  frequency 
band  and  puts  out  little  “noise,”  minimizing  interference  with  other  wireless 
technologies. 


■  BY  IAN  GIFFORD 

The  PC,  consumer  electronics  and  cellu¬ 
lar  markets  are  in  a  state  of  convergence  as 
mobile  communications  devices  are  being 
used  to  carry  an  array  of  datastreams  such 
as  photographs  and  streaming  video.  But 
current  wireless  technologies  don’t  offer 
sufficient  data  rates  to  support  the  multi¬ 
media-intensive  applications  in  develop¬ 
ment  for  multifunctional  devices.  Ultra- 
wideband  (UWB)  might  provide  the  miss¬ 
ing  link. 

UWB  is  an  emerging  wireless  technology 
for  personal-area  networks  (PAN)  that  link 
wireless  IP  devices  such  as  mobile  phones, 
media  players, digital  cameras, camcorders 
and  other  consumer  electronic  and  net¬ 
work  gear  in  the  home  and  office.  UWB 
can  provide  seamless,  low-cost,  highly  reli¬ 
able  video, audio  and  data  connectivity  for 
such  devices. 

The  IEEE  is  considering  more  than  one 
wireless  standards  solution,  but  two  events 
have  propelled  UWB  to  the  forefront.  First, 
the  FCC  has  permitted  commercial  UWB 
communication  devices  to  operate  in  the 
3.1GHz  to  10.6GHz  spectrum.  And  second, 
the  IEEE  802.15.3a  task  group  is  crafting  a 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr@nww.com). 


physical  layer  for  next-generation  PANs, 
and  UWB  is  an  ideal  candidate  for  the 
physical  layer. 

While  all  the  proposed  technologies  are 
designed  to  provide  optimal  performance, 
only  Direct  Sequence  UWB  (DS-UWB) 
uses  a  combination  of  a  single-carrier 
spread-spectrum  design  and  wide  coher¬ 
ent  bandwidth.  Developed  by  the  UWB 
Forum,  an  industry  organization  focused 
on  UWB  design  and  application,  the  DS- 
UWB  approach  provides  low-fading,  opti¬ 
mal  interference  characteristics,  inherent 
frequency  diversity  and  precision  ranging 
capabilities. 

Unlike  conventional  wireless  systems, 
which  use  narrowband  modulated  carrier 
waves  to  transmit  information,  DS-UWB 
transmits  data  by  pulses  of  energy  gener¬ 
ated  at  very  high  rates:  in  excess  of  1  billion 
pulses  per  second,  providing  support  for 
data  rates  of  28M,  55M,  1 10M,  220M,  500M, 
660M  and  1320M  bit/sec.  A  fixed  UWB  chip 
rate  in  conjunction  with  variable-length 
spreading  code  words  enables  this  scal¬ 
able  support. 

DS-UWB  provides  four  key  advantages 
over  legacy  wireless  technologies:  quality  of 
service;  high  data  rates  that  scale  to  1G 
bit/sec  or  more;  lower  cost;  and  longer  bat¬ 
tery  life.  These  attributes  mean  DS-UWB  is 
well  suited  to  be  the  physical  layer  for  PANs. 

By  using  the  widest  possible  bandwidth 
to  produce  the  shortest  possible  pulses,  DS- 
UWB  supports  robust,  high-data-rate  links 
in  a  high  multipath  environment  and  offers 
precise  spatial  resolution  for  location 
detection  of  UWB  devices.  (A  multipath 
environment  is  one  in  which  radio  waves 
bounce  off  many  objects,  resulting  in 
ghosts  and  fades  that  tend  to  break  other 
approaches.) 


By  capitalizing  on  coherent  processing 
over  the  entire  frequency  band,  DS-UWB 
allows  the  best  theoretically  possible  per¬ 
formance  in  high  multipath  environments, 
such  as  homes. 

And  by  generating  continuous  smooth 
white  noise  at  lower  levels  than  competing 
approaches,  DS-UWB  will  minimize  inter¬ 
ference.  It  does  not  cause  any  harmful  in¬ 
terference  to  existing  spectrum  users,  a  key 
concern  of  worldwide  regulators. 

DS-UWB  technology  provides  scalable 
performance  across  a  range  of  application 
requirements  —  from  high  data  rates  of  up 
to  1G  bit/sec  to  extremely  low  power  con¬ 
sumption.  The  technology  reduces  imple¬ 


mentation  complexity  while  allowing  in¬ 
creased  scalability  making  it  ideal  for  appli¬ 
cations  such  as  high-rate  data  transfers  or 
power-constrained  handheld  devices. 

DS-UWB  is  poised  for  use  in  a  range  of 
applications.  Taken  together,  a  DS-UWB 
physical  layer  and  the  802.15.3  network 
can  enable  convergence  devices  to 
deliver  the  high-rate  wireless  video, 
audio  and  data  transfers  necessary  for 
next-generation  devices. 

Gifford  is  co-founder  of  the  UWB  Forum 
and  the  IEEE  802.15  Working  Group  for 
WPANs.  He  can  be  reached  at  giffordi@ 
ieee.org. 


Dr.  Internet 


By  Steve  Blass 


What  security  implications  are  there  in  using  Open 
Database  Connectivity  in  a  client/server  environ¬ 
ment9  Can  we  use  it  over  a  wireless  LAN? 

ODBC  does  not  encrypt  your  data  for  transmis¬ 
sion,  so  to  provide  security  for  the  database  traffic 
you  need  to  tunnel  the  ODBC  traffic  through  the 
network  using  Secure  Shell,  Secure  Sockets  Layer, 
Point-to-Point  Tunneling  Protocol/Layer  2 Tunneling 
Protocol  or  IPSec.  Depending  on  your  wireless 


configuration,  you  might  have  some  protection  in 
place  for  wireless  traffic.  If  you  have  a  VPN,  you 
usually  can  use  that  to  create  encrypted  connec¬ 
tions  between  systems  in  your  network  and  from 
outside.  If  you  are  starting  from  scratch  you  can 
create  point-to-point  SSH  tunnels  with  OpenSSH 
or  one  of  the  commercial  SSH  packages.  Or  if 
both  systems  run  Windows,  you  can  build  SSL 
VPN  tunnels  using  OpenVPN  or  the  Microsoft  VPN 
tools  found  under  Dial  Up  Networking  to  establish 


secure  connections  between  clients  and  server  for 
your  ODBC  traffic.  SSH  port  forwarding  is  fairly 
easy  to  implement  if  you  are  an  administrator  for 
only  a  few  connections.  The  VPN  tools  install  like 
network  adapters  and  are  easier  to  deploy  to  large 
numbers  of  clients,  including  those  connecting  over 
a  wireless  LAN. 

Blass,  a  network  architect  at  Change@Work.  can  be 
reached  at  dr.internet@changeatwork.com. 
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Finally,  we’re  over  our  RSS  obsession. So 
here  on  the  Gearhead  technical 
beachhead  the  topics  of  news  feeds 
and  aggregators,  along  with  Atom,  RSS  and 
JSMsg,  are  drifting  away  to  join  the  geek 
flotsam  and  jetsam. 

Backspin  promised  a  few  weeks  ago  that 
we’d  cover  the  topic  of  e-mail  tracking,  but 
he  failed  to  consult  with  us,  hence  the 
delay  The  product  that  triggered  this  theme 
was  something  called  DidTheyReadlt. 

DidTheyReadlt,  published  by  Rampell 
Software,  uses  a  well-known  technique  to 
detect  when  a  message  is  opened  and 
then  documents  the  details  of  the  recipient 
and  attempts  to  geolocate  his  IP  address. 

The  technique  employed  is  conceptually 
simple:  Embed  an  image  in  HTML  mail  to 
be  retrieved  when  the  recipient  renders 
the  message  content  and  record  the  image 
retrieval  details.  It  is  a  technique  loved  by 
spammers  who  use  it  to  determine 
whether  the  address  is  “hot”  —  whether  a 
warm  body  or  something  that  appears  to 


be  one  is  on  the  other  end. 

But  DidTheyReadlt  aims  to  take  the  un¬ 
certainty  out  of  delivery  and  remove  the 
excuse,  “Sorry  I  never  got  your  message.” 
Here’s  what  DidTheyReadlt  embeds  in 
each  tracked  message:  <img  src=”http:// 
didtheyreadit.com/index.php/worker? 
code=59493”  widths”  1  ”  height=”  1  ”  /> 

The  retrieval  of  the  image  reference  pro¬ 
vides  the  tracking  but  there’s  quite  a  bit  to 
this  process.  During  the  client-side  installa¬ 
tion  of  DidTheyReadlt,  a  Winsock  Layered 
Service  Provider  called  the  background 
tracker  is  installed  (see  www.nwfusion. 
com,  DocFinder:  2429). 

For  each  Simple  Mail  Transfer  Protocol 
message  sent,  the  background  tracker  has 
to  get  a  unique  ID  for  the  message.  It  makes 
an  HTTP  connection  to  the  DidTheyReadlt 
servers  and,  using  a  POST  request,  provides 
your  DidTheyReadlt  account  name  and 
password,  the  recipient  of  the  message  and 
the  subject  (all  in  URL-encoded  text). This 
data  is  stored  under  your  account. 

In  reply  the  server  provides  the  message 
ID  that  is  used  for  the  value  of  the  GET  vari¬ 
able  code  —  the  value  in  the  above  exam¬ 
ple  is  59493,  although  the  actual  IDs  used 
are  much  longer.  Finally  an  image  reference 
similar  to  the  one  above  is  inserted,  on  the 
fly  into  the  outgoing  message  immediately 


before  the  closing  tag  of  the  HTML  body 

When  the  recipient  renders  the  message, 
the  image  reference  has  to  be  resolved.  As 
the  source  of  the  image  is  an  HTTP  GET 
request,  a  server-side  process  (called 
worker)  is  called  and  passed  the  com¬ 
mand  tail  (code=59493).The  value  that  is 
associated  with  the  variable  code  is  used 
to  look  up  the  message  in  the  server’s  data¬ 
base.  When  the  message  is  found,  the 
retrieval  time,  the  recipient’s  IP  address, 
referrer,  and  browser  ID  string  are  logged. 

The  image  is  a  1-pixel,  JPEG,  8-bit,  RGB- 
encoded  image  with  a  total  file  size  of  302 
bytes  (let  us  digress  and  note  that  it  is  more 
accurate  to  call  a  JPEG  image  a  JFIEwhich 
stands  for  JPEG  File  Interchange  Format). 
The  single  pixel  is  white  (an  RGB  value  of 
255, 255, 255),  and  was  created,  for  what  it’s 
worth,  using  Adobe  Photoshop. 

Here’s  a  curiosity:  In  the  header  of 
images  created  with  Adobe  Photoshop 
you  will  find  three  tags:  JFIp  Ducky  and 
Adobe.  It  appears  that  Ducky  is  the  smok¬ 
ing  gun  that  indicates  that  Photoshop  was 
used  to  create  the  image,  but  we  can’t  find 
any  explanation  or  history  regarding  the 
use  of  Ducky  Let  us  know  if  you  know 
what’s  behind  this  oddity 

How  do  we  know  all  these  intimate 
details?  We  use  the  Ethereal  protocol  ana- 
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lyzer  (see  www.ethereal.com).  Ethereal  is 
free,  fantastically  powerful  and  available 
for  a  huge  number  of  platforms. 

If  you  are  going  to  use  Ethereal  under 
Windows  you’ll  also  need  to  install  the 
free  WinPcap,  which  provides  a  packet 
capture  architecture  for  Windows  (see 
http://winpcap.polito.it/).  We  found  this 
installation  somewhat  annoying,  but  just 
as  we  were  about  to  put  our  fists  through 
the  monitor  everything  started  working.  If 
you  intend  to  install  this  software,  you 
would  be  advised  to  reboot  first  and 
install  it  before  running  anything  else, 
then  reboot  immediately.  We  digressed 
again  . . . 

Of  course,  the  reliance  on  HTML  mes¬ 
sages  points  out  one  of  DidTheyReadlt’s 
weaknesses:  Only  HTML  messages  can  be 
tracked. 

Moreover,  HTML  messages  destined  for 
Hotmail,  Yahoo  or  AOL  are  special  cases 
and  can  only  be  tracked  by  adding 
“.didtheyreadit.com”  to  the  address  — 
thus,  “someone@aol.com”  would  be 
“someone@aol.com.didtheyreadit.com.” 
In  these  cases,  the  message  is  routed  via 
the  DidTheyReadlt  servers  and  next  week, 
we’ll  see  how  that  magic  works. 

Track  us  at  gearhead@gibbs.com. 


The  scoop:  SimpleDrive  400G-byte  External  Hard  Drive, 
from  SimpleTech,  about  $470. 

What  it  does:  The  SimpleDrive  attaches  via  USB  2.0 
cable  (or  USB  1.1)  to  a  PC  to  provide  an  instant  exter¬ 
nal  hard  drive  for  all  your  data. The  drive  has  a  separate 
power  adapter  and  a  Kensington  Security  Slot  to  help 
prevent  theft  of  the  device.  Software  for  automatic 
backup,  synchronization  and  restore  of  your  files  is 
included. 

Why  it’s  cool:  Backup  is  one  of  those  things  we  preach 
about  a  lot,  but  rarely  do.  Backing  up  our  files  usually 
involves  getting  a  new  hard  drive  and  copying  our  files 
from  one  drive  to  the 
next.  You  certainly  can 
do  that  with  this  drive, 
but  for  really  mission- 
critical  data,  you’re  bet¬ 
ter  off  using  the  back-up 
software.  The  software 
gives  you  compression 
and  encryption  options, 
and  you  can  set  up 
times  for  scheduling  a 
back-up  session  or  auto¬ 
matically  synchronizing 

SimpieTech's  SimpleDrive 
makes  it  simple  to  back 
up  your  critical  files. 


files.  Installation  on  our  Windows  XP  com¬ 
puter  was  as  simple  as  plugging  in  the 
device,  connecting  the  cables  and  turn¬ 
ing  on  the  device,  because  the  system 
then  loaded  as  an  extra  hard  drive 
(Windows  98SE  and  Macintosh 
users  need  to  load  the  driver  off  a 
CD-ROM). Transferring  250M  bytes  of 
music  files  from  a  Secure  Digital 
card  to  the  internal  hard  drive  took 
about  5  minutes;  the  same  transfer 
from  the  internal  hard  drive  to  the 
SimpleDrive  took  about  10  seconds 
(we  were  connected  via  USB  2.0;  USB  1.1  will  take 
longer).  We  then  used  the  software  to  back  up  some  of 
our  documents  and  file  settings;  547M  bytes  of  data 
(5,408  files)  took  just  over  7  minutes  to  complete  (low 
compression,  no  encryption).  If  400G  bytes  is  too  much 
storage,  drives  are  available  in  120G-,  160G-,and  250G-byte 
flavors. 

Grade:  ★★★★★  (out  of  five) 


With  the  Biopod,  a 
fingerprint  replaces  all 
your  passwords  and 
account  names. 


The 


scoop:  Biopod  Biometric  Password  Manager, 
from  APC,  about  $45. 

What  it  does:  A  lightweight  USB 
biometric  device,  the 
Biopod  lets  you  log  on 
to  password-protected 
Web  sites,  systems  or 
applications  using  your 
fingerprint.  After  a  sim¬ 
ple  setup,  a  user  estab¬ 
lishes  an  account  and 
enrolls  a  fingerprint  fol¬ 
lowing  an  easy  four- 
step  process.  The  next 
time  the  user  comes 
across  a  password-pro¬ 


tected  site  —  Hotmail,  for 
example  —  the  software  asks  if  it 
should  remember  the  password.  The  user  types  his 
logon  and  password  on  the  Hotmail  site,  then  right- 
clicks  the  Biopod  icon  on  the  system  tray  and  chooses 
“Remember  this  Password.”The  next  time  the  user  visits 
Hotmail,  he  gets  a  fingerprint  scan  prompt,  places  the 
correct  finger  on  the  sensor  and  is  authenticated  imme¬ 
diately. 

Why  it’s  cool:  If  you  belong  to  several  password-pro¬ 
tected  sites,  it’s  much  easier  to  enter  via  a  simple  finger¬ 
print  scan  than  remember  a  handful  of  passwords  and 
account  names.  The  Biopod  also  lets  you  enroll  up  to  20 
fingerprints,  which  would  be  ideal  for  a  busy  family  PC 
whose  members  have  several  e-mail,  shopping  or  mes¬ 
sage  board  accounts  across  the  Web.  Biopod  also  lets  you 
easily  encrypt  and  decrypt  files  on  your  hard  drive, and  is 
small  and  lightweight  enough  to  easily  travel  with  a  road 
warrior.  One  suggestion:  APC  should  include  a  simple 
case  to  protect  the  unit  and  its  sensor  for  those  who  take 
it  on  the  road. 

Grade:  ★★★★ 


Cool 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Shaw  can  be  reached  at  kshaw@nww.com.  Network 
World  Fusion  Managing  Editor  Melissa  Shaw  contributed 
to  this  report. 


Our  new  OptiView  Series  II  Integrated  Network  Analyzer 
shows  you  more  of  what's  happening  on  your  network 


OptiView  Series  IIm 
Integrated  Network  Analyzer 


than  you  may  have  ever  seen  before.  And  faster.  The 
graphic  user  interface  and  information-rich  front  page 
shows  what's  happening  everywhere  on  your  network  in 
seconds  flat.  That  means  faster  fixes,  even  on  wireless, 

WAN  and  VLAN  segments.  That's  troubleshooting  with  super 
vision.  But  it's  not  all.  OptiView  also  gives  you  powerful 
monitoring  and  analysis  capabilities  to  optimize  your  net¬ 
work  performance.  In  fact,  it's  the  world's  only  integrated 
tool  that  combines  all  three  -  troubleshooting,  monitoring 
and  analytical  capabilities  -  into  a  single  portable  unit. 


Seeing  is  believing.  Go  to 
www.flukenetworks/optiviewdemo 
and  imagine  the  awesome  control 
it  puts  in  your  hands. 
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John  Dix 

Net scans 
delivered  as  a 
service 

When  we  last  caught  up  with  Qualys  a  year  ago,  the 
young  company  was  performing  about  400,000 
customer  network  vulnerability  scans  per  month, 
looking  for  about  2,500  unique  vulnerabilities.Today  the 
company  is  performing  a  million  scans  per  month,  looking 
for  3,300  potential  problems. 

To  refresh  your  memory  Qualys  offers  a  service  called 
QualysGuard  that  customers  can  use  to  scan  their  net¬ 
works  looking  to  see  what  ports  are  open  and  what 
servers  and  services  are  exposed.  External  scans  are 
launched  from  scanners  around  the  world,  while  internal 
scans  are  conducted  by  appliances  dropped  into  net¬ 
works  behind  firewalls.  All  results  are  viewed  from  a  Web 
interface. 

Chairman  and  CEO  Philippe  Courtot’s  timing  seems 
good. The  recent  spate  of  worm  outbreaks  is  reminder 
enough  that  perimeter  defenses  aren’t  enough  to  contend 
with  the  latest  threats.  Courtot  says  he  has  1 ,400  customers 
now,  200  of  them  global  companies  such  as  DuPont,  Pfizer 
and  Deloitte.  Company  revenue  doubled  last  year  to  $8  mil¬ 
lion,  and  he  says  it  will  soon  start  tripling. 

While  many  large  companies  still  only  do  vulnerability 
scans  a  few  times  per  year,  Qualys  customers  average  22 
scans  per  year,  Courtot  says.  About  90%  scan  every  two 
weeks,  and  60%  scan  every  week. 

He  says  that  even  as  scanning  levels  have  skyrocketed, 
the  number  of  bugs  reported  per  scan  —  crashed  ser¬ 
vers,  false  positives,  false  negatives  —  has  stayed  steady  at 
10  to  30. 

That’s  thanks  to  the  on-demand  nature  of  the  service. The 
software  is  hosted  on  Qualys’  hardware  (even  the  appli¬ 
ance  is  managed  by  Qualys), so  he  can  rehab  it  quarterly 
without  inconveniencing  customers.  What’s  more, “when 
we  eliminate  bugs,  we  do  it  for  all  customers  at  once,” 
Courtot  says.The  more  customers  we  have,  the  more  eyes 
we  have  identifying  potential  problems.” 

Besides  making  it  easier  for  him  to  deliver  quality  prod¬ 
uct,  the  on-demand  model  means  customers  can  change 
vendors  more  easily  A  customer  might  have  30  $3,000 
appliances  and  invested  two  months  to  install  the  service, 
“so  it  wouldn’t  take  much  to  swap  us  out,”  Courtot  says. 
That’s  an  incentive  for  Qualys  and  the  customer,  he  says, 
and  why  he  thinks  hosted  products  win  in  the  long  run. 

It  seems  a  given  at  this  point  that  companies  have  to  do 
more  vulnerability  scans.  So  it  is  really  just  a  question  of 
whether  you  use  a  service  like  Qualys’  or  bring  in  products 
from  companies  like  Preventsys  (see  www.nwfusion.com, 
DocFinder:  2432)  and  do  it  yourself. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 


www.nwfusion.com 


opinions 


A  switch  in  time 

Regarding  “Redmond  enlists  security  vendors  to 
automate  policy  compliance”  (www.nwfusion. 
com,  DocFinder:  2423): The  idea  that  Microsoft  can 
stop  an  exploit  at  the  software  level,  without  using 
the  switches  and  routers,  is  ridiculous. 

To  achieve  such  a  solution,  Microsoft  would  have 
to  not  allow  the  logon,  or  it  would  require  that  all 
systems  be  installed  on  segregated  LANs  that  can’t 
see  any  systems  except  VPN  servers,  and  that  all 
network  connectivity  would  have  to  pass  through  a 
VPN  server.  The  first  option  does  not  protect  the 
network  at  all  because  the  exploits  don’t  rely  on 
network  authorization;  worms  exploit  networks 
from  an  unauthenticated  connection  in  most 
cases.  The  second  option  would  work,  but  would 
not  be  very  efficient;  VPN  traffic  carries  a  heavy 
CPU  price,  and  to  perform  VPN  encryption/descrip¬ 
tion  would  impose  such  a  large  load  on  the  gate¬ 
way  CPU  that  network  performance  would  suffer. 

The  only  way  to  implement  an  isolation-based 
solution  to  system  integrity  management  is  to  do  it 
with  the  cooperation  of  the  network  switch, so  that 
the  virtual  LAN  assigned  to  the  switch  port  is  phys¬ 
ically  changed  after  a  node  is  authenticated  and 
authorized.To  complete  the  design,  the  authentica¬ 
tion,  deauthentication,  authorization  and  deautho¬ 
rization  processes  should  be  logged  for  a  minimal 
level  of  accountability 

Armand  Welsh 

Riverside,  Calif. 

History  lessons 

In  Mike  Zeigler’s  letter  to  the  editor,  he  described 
his  bad  experience  with  3Com  (DocFinder:  2022). 
It’s  too  bad  that  he  perceives  the  burn  to  have  crip- 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


pled  him  these  many  years  later.  Consider  what  un¬ 
fair  business  practices  at  Cisco  have  done  over  the 
same  amount  of  time  to  our  entire  electronics 
infrastructure.  Because  of  Cisco’s  assurance  to  the 
world  markets  that  it  would  get  and  keep  prices 
low,  the  company  has  effectively  dominated  the 
network  hardware  industry 

One  would  be  led  to  believe  that  is  the  American 
way  but  consider  what  would  have  happened  if  dur¬ 
ing  the  early  days  of  the  telegraph,  frontiersmen 
dropped  the  rates  on  the  pony  express  to  carry  mes¬ 
sages  and  information.  Further,  imagine  if  Americans 
back  then  opted  for  the  cheaper  price  rather  than 
for  the  better  equipment.That’s  essentially  what  has 
happened  and  is  only  ending  today  as  the  first 
cracks  appear  in  the  sprawling  Cisco  empire  and  its 
telephone  technology-based  switching  equipment. 

It’s  time  to  adopt  new  technology  and  lose  the  19th 
century  technology  that  the  Cisco  Kid  has  stuffed 
down  our  throats. 

Alfred  Brock 
Canton,  Mich. 

Mike  Zeigler’s  letter  reminds  me  of  my  experi¬ 
ence  with  3Com.  In  the  mid  1990s,  my  company 
installed  1 1  3Com  Model  3300  stackable  switches. 
From  the  second  week  of  operation,  a  pattern  of 
failure  began  to  emerge.  Seemingly  at  random,  the 
switches  locked  up  and  required  a  power-off  reset 
to  resume  functioning. 

After  four  weeks,  1  called  3Com  tech  support.The 
techs  would  not  listen  to  the  description  of  my 
problem  unless  I  gave  them  a  credit  card  number.  I 
refused.  Several  weeks  later,  I  found  out  that  the 
problem  was  well  known  and  required  a  firmware 
update  to  resolve.  But  that  information  didn’t  come 
from  3Com;  it  came  from  a  3Com  user  group  meet¬ 
ing.  We  haven’t  purchased  a  single  piece  of  3Com 
equipment  since  then,  nor  will  we  in  the  future. 

Rich  German 
Salinas,  Calif. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  2422 
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DEMO  INSIGHT 

Chris  Shipley 


First  the  good  news: Technology  innova¬ 
tion  is  returning  to  levels  not  seen  since 
the  start  of  the  Internet  boom.  In  the 
past  few  months,  I’ve  seen  dozens  of  great 
product  concepts,  working  prototypes  of  ex¬ 
citing  hardware  and  unique  software  appli¬ 
cations  that  will  deliver  real  value  to  business.  Each  concept  is  care¬ 
fully  conceived  and  well  engineered. The  market  analysis  has  been 
done, and  each  product  meets  a  real  and  unfulfilled  need  in  the  mar¬ 
ketplace.  And  to  top  it  off,  the  entrepreneurs  who  designed  these 
products  are  smart  and  determined. 

Now  the  bad  news:  Each  of  these  projects  is  unfunded  and  at  best  has 
long-shot  odds  of  getting  the  capital  needed  to  become  a  product. 

In  a  marketplace  fueled  by  innovation,  it  seems  implausible  that 
great  ideas  can’t  find  strong  backing,  yet  that  is  the  situation  in 
today’s  start-up  environment.  The  venture  capital  markets  are  the 
last  of  the  boom-gone-bust  players  to  turn  the  corner  to  full  recov¬ 
ery.  In  near  lock  step,  venture  capitalists  have  moved  from  the  most 
risky  early-stage  companies  to  find  safer  harbors  for  their  invest¬ 
ment  capital. 

Investors  are  looking  for  entrepreneurs  who  have  delivered  success 
in  the  past.They  are  looking  to  invest  in  markets  where  the  dynamics 
are  well  understood,  the  execution  plan  is  clear  and  customers  stand 
at  the  ready.  When  investors  find  someone  like  this,  they  take  notice. 
The  deal  is  less  risky,  and  these  days,  there  is  a  whole  lot  less  risk  in 
“risk  capital”  than  there  used  to  be.  While  no  new  venture  is  entirely 
safe,  established  entrepreneurs  in  established  markets  with  known 


Who  funds  innovation? 


customers  are  opportunity  enough  without  taking  a  flier  on  an  un¬ 
known  entrepreneur,  moving  into  a  new  market  segment. 

This  is  a  tough  time  to  be  raising  money,  especially  for  first-time 
entrepreneurs  who  are  pushing  hard  on  the  envelope  of  innovation. 
These  first-timers  have  difficulty  capturing  the  attention  of  estab¬ 
lished  venture  firms,  which  have  moved  much  of  their  focus  to  the 
relative  security  of  later-stage  deals.  Even  venture  capitalists  who 
package  themselves  as  seed  investors  expect  a  start-up  seed  to  be 
well  sprouted  before  adding  the  fertilizer  of  first  capital. 

Traditionally,  nascent  companies  would  turn  to  angel  investors  to 
provide  the  capital  to  get  them  rooted.  But  many  of  the  well-known 
angel  networks  simply  aren’t  making  new  investments  right  now.  In¬ 
dividuals  who  lost  significant  net  worth  in  the  Internet  crash  are 
extremely  cautious  with  what  wealth  they  managed  to  hold  onto. 
Thank  goodness  for  low  mortgage  rates  and  the  home  equity  loans 
that  are  supporting  more  than  a  few  start-ups  these  days. 

The  irony,  of  course,  is  that  many  compelling  new  ideas  are  moving 
around  the  industry  right  now.  Most  of  these  ideas  need  very  limited 
financing  to  bring  them  to  early  markets. Through  sheer  grit,  some  of 
them  will  break  through. 

Let’s  hope  so.The  technology  markets  will  be  a  whole  lot  more  inter¬ 
esting  with  these  products  in  them. 

Shipley  is  executive  producer  of  The  Demo  Conferences,  a  Network 
World-owned  event  that  showcases  emerging  technology  products  and 
services,  and  a  veteran  technology  watcher.  She  can  be  reached  at 
chris@demo.  com. 


Thank  goodness 
for  low  mortgage 
rates  and  the 
home  equity 
loans  that  are 
supporting  more 
than  a  few  start¬ 
ups  these  days. 


YANKEE  INGENUITY 

Howard  Anderson 

Last  month,  Cisco  rolled  out  its  CRS-1 
router  in  an  effort  to  win  back  customers 
that  had  migrated  to  Juniper.  The  prod¬ 
uct’s  main  attraction:  a  streamlined  version  of 
IOS.  But  it  was  IOS  that  had  won  the  hearts, 
minds  and  pocketbooks  of  the  original  cus¬ 
tomers.  Never  mind  that  there  had  been  so 
many  patches  on  IOS  that  it  was  now  unwieldy  Here’s  the  problem: 
While  some  customers  will  love  the  new  switch,  current  customers  get 
nervous  at  even  a  hint  that  their  older  products  might  see  a  lessening 
of  support.  So  Cisco  is  in  a  bind;  it  must  keep  existing  customers  from 
becoming  mutinous  while  attracting  new  customers.  For  Juniper,  the 
role  is  easier  —  it  can  keep  aiming  at  the  high  end  because  it  doesn’t 
have  Cisco’s  installed  base. 

This  is  the  classic  dilemma  of  the  communications  industry  —  keep¬ 
ing  customers  loyal  while  aiming  for  new  customers.  It’s  a  balancing  act 
of  epic  proportions. 

What  can  companies  do  to  retain  customer  loyalty?  One  method  that 
used  to  work  is  to  keep  the  same  sales  and  service  employees  who 
have  always  dealt  with  a  particular  customer  assigned  to  that  cus¬ 
tomer’s  account.  But  the  sales  guys  are  attracted  to  either  the  hot  new 
box,  where  the  commissions  are  greatest,  or  to  the  new  customer,  where 
opportunities  are  more  evident.  When  firms  such  as  Verizon  do  em¬ 
ployee  buyouts,  those  with  seniority  —  and  those  customer  contacts  — 
are  the  first  to  leave.  So  then,  to  whom  am  I  loyal?  James  Earl  Jones,  the 
spokesman  for  Verizon?  1  like  his  voice,  but  he  wasn’t  the  guy  who 
installed  my  DSL 

Another  way  that  companies  used  to  encourage  loyalty  was  the  an¬ 
nual  users  meeting  —  a  rah-rah  session  where  senior  management  told 
customers  how  good  things  were  going  to  be  next  year.  A  great  way  to 
blow  through  a  million  bucks  or  so,  but  doesn't  quite  hack  it  anymore. 
Another  way  was  bundling  —  if  a  customer  bought  more  and  more  ser¬ 
vices,  the  cost  would  go  down.That  worked  until  the  competition  could 


The  customer  loyalty  conundrum 


match  and  then  beat  the  price  of  selling  the  individual  elements  a  la 
carte.  Am  I  really  to  believe  that  Verizon’s  service  is  better  than  AT&T’s 
when  I  know  that  AT&T  uses  the  exact  same  infrastructure  as  Verizon  — 
and  in  fact  is  buying  wholesale  from  Verizon  and  then  selling  to  me  at  a 
discount  from  the  Verizon  price? 

My  son  is  loyal  to  Virgin  Wireless,  which  is  a  Sprint  reseller.  Why?  Be¬ 
cause  he  thinks  Richard  Branson  is  cool  and  because  he  hopes  to 
have  neat-o  features  such  as  ring  tones  that  play  Phish  favorites  and 
games  that  he  can  play  while  he  pretends  to  study  But  how  deep  is  that 
loyalty?  “Cool”  is  hardly  a  rock  upon  which  to  build  a  Loyalty  Church. 

By  now  we  know  one  truth:There  is  no  loyalty  in  communications  — 
anywhere.  I  am  loyal  to  the  last  company  that  didn’t  screw  with  me. On 
any  given  day,l  am  swearing  never  to  do  business  with  (pick  one)  Com¬ 
cast,  Verizon,  AT&T  Wireless,  Nextel...  the  only  real  issue  is  who  has 
screwed  with  me  lately  Verizon  has  35  million  local  phone  customers 
and  on  any  given  day  34  million  of  them  are  enticed  by  the  promises 
of  at  least  a  dozen  other  competent  firms  —  six  landline,  six  wireless. 

So  to  whom  am  1  loyal?  To  whom  are  you  loyal?  Cisco?  Juniper? 
Oracle?  Nextel?  Do  you  have  different  criteria  for  business  or  consumer 
products?  Have  you  gotten  so  cynical  that  it  doesn’t  matter?  1  used  to  fly 
United  and  American  and  U.S.Air  —  today  1  don’t  care,  and  the  airline 
affiliation  rewards  programs  cancel  each  other  out.  My  PC?  Don’t  care 
if  it’s  an  HR  IBM,  Dell  or  Sony  —  all  are  acceptable.  I  am  happy  with  my 
DirecTV  this  week  —  but  I  have  no  other  choice  in  Vermont  and  am 
gratified  that  it  works  at  all.  And  thanks  for  reading  Network  World  this 
week  —  please  redeem  your  copy  for  10%  off  your  next  Latte 
SuperMochaGrandeVente  at  Starbucks. 


There  is  no 
loyalty  in  commu¬ 
nications  —  any¬ 
where.  I  am  loyal 
to  the  last  com¬ 
pany  that  didn’t 
screw  with  me. 


Anderson  is  senior  managing  director  of  YankeeTek  Ventures,  a 
Cambridge,  Mass.,  venture  capital  fund  for  early-stage  technology  com¬ 
panies.  He  is  also  founder  of  The  Yankee  Group  and  the  William  Porter 
Distinguished  Lecturer  at  the  Massachusetts  Institute  of  Technology.  He 
can  be  reached  at  handerson@yankeetek.com. 
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What  applications  are  on  my  network? 

Are  my  QoS  policies  working? 

Is  non-critical  or  unauthorized  traffic  driving  up  costs? 
Where  in  the  network  is  my  response  time  degrading? 
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How  is  my  VoIP  deployment  impacting  other  applications? 
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How  can  I  see  clearly?  — 

Get  visibility  with  the  nGeniu s®  Performance  Management 

Solution,  a  unified  approach  to  network  and 
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Performance  Manager 


n  Genius 


The  nGenius  Performance  Management  System  opens  your  eyes  to  how  applications  are  behaving  -  right  now, 
in  real-time.  Based  on  the  innovative  CDM  Architecture,  this  system  gathers  network  and  application  performance 
data  from  across  the  infrastructure  and  transforms  it  into  actionable,  business-relevant  information,  so  your 
decisions  are  based  upon  a  clear  understanding  of  all  converging  demands. 

Find  out  how  NetScout  has  been  helping  meet  these  challenges  in  world-class  organizations  for  over  20  years, 
and  receive  a  copy  of  our  "Network  Performance  Management:  A  Buyers  Guide"  whitepaper  by  visiting 

www.netscout.com/ad/nw06. 
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NetScout 


NetScout  Systems.  Inc.  310  Littleton  Road,  Westford,  MA  USA  01886  978-614-4000 


With  multiple  point  products  available,  managers  must  mix  and  match 
to  find  the  best  approach  for  their  networks. 


It  would  be  great 
if  network  man¬ 
agers  could  gather 
end-to-end  perfor¬ 
mance  data  for 
specific  applica¬ 
tions  and  adjust 
the  network 
accordingly.  Un¬ 
fortunately,  that 
magic  bullet  doesn’t 
exist.  Instead,  net¬ 
work  managers  are 
cobbling  together  a 
variety  of  point 
products.  In  this 
Technology  Insider, 
network  execs  from 
leading-edge  com¬ 
panies  describe 
their  efforts  to  get 
a  grip  on  applica¬ 
tion  management. 
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Battle  for 
bandwidth: 

Racketeer's  WAN 
application  accelera¬ 
tion  appliances  help 
American  Business 
Maintenance  make 
better  use  of  its 
bandwidth. 
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On  point: 

A  guide  to  some  of  the 
top  point  products  for 
application  perfor¬ 
mance  management. 

OnliflG.  Living 

Buyer’s  Guide: 

Network  configuration 
management. 

www.nwfusion.com, 
DocFinder:  2430 


Application  management: 
A  work  in  progress 


■  BY  DENISE  DUBIE 

Cosmetics  giant  Mary  Kay  is  in  the 
midst  of  an  extreme  makeover  —  one 
that  will  overhaul  and  enhance  the 
company’s  application  performance 
management  strategy 

Steve  Moore,  technology  leader  for 
Mary  Kay  Information  Services  and 
Technology  in  Dallas,  says  his  organiza¬ 
tion  is  evolving  its  processes  and  fine- 
tuning  technologies  to  be  able  to  pre¬ 
dict  application  performance  issues, 
rather  than  simply  react.  While 
acknowledging  it  might  sound  cliched, 
he  says  transitioning  from  a  reactive 
firefighting  group  to  a  proactive  appli¬ 
cation  management  team  is  an  IT  pri¬ 
ority  for  the  retail  sales  company 

“We  care  if  a  core  router  goes  down, 
but  we  also  want  to  be  able  to  predict 
the  other  things  that  will  be  affected  if 
one  does,”  Moore  says.“For  us,  applica¬ 
tion  nirvana  will  be  becoming  more 
predictive  and  understanding  the 
behavior  of  applications  directly  in 
relation  to  our  business  processes.” 

See  App  management  page  36 


‘"tvn 


IlM  \  a  %  HR 

.  -  • 

1\\ \  V 

Hi  j 

> 

H 

Can  you  see  it? 


Middleware  is  Everywhere 


,  -  *.  'I 

SB*- -  ■  -  - Z^*****^ 

*■*%  HI*  9  | 

1 

» 

Sitsi 

0  ■ " 

J  * 

A 

1  I  ni  j? 

flB 

V-  ■  : 

Ml 

|pg&  i 

g  Bj 

1 

1  . — ' 

■  |HM 

E| 

j 

I H 

■  .  /Hi 

Sk  .  |  ;,jr;  ,  ■  |-  ' 

gS] 

B  _  H.  'r  * 

?Bz9B  .  , .  .  .. 

IBM.  the  IBM  logo  DB2  and  WebSphere  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in 
"  2004  IBM  Corporation.  All  rights  reserved. 


/I 

1 

-it 

Middleware 

MIDDLEWARE  IS  IBM  SOFTWARE.  Powerful  software 

like  DB2®  and  WebSphere®  that  can  connect  your  business 
end-to-end.  You  can  build  upon  your  existing  applications, 
creating  a  responsive  environment  where  partners,  vendors 
and  customers  can  easily  work  together.  And  IBM  software 
is  based  entirely  on  open  standards  for  maximum  efficiency, 
flexibility,  speed  and  agility.  That’s  ON  DEMAND  BUSINESS. 

1.  Car  notifies  owner  for  service. 

2.  Factory  informed  immediately. 

3.  Supplier  ships  parts  instantly. 

4.  Dealer  inventory  adjusts  in  real  time. 

5.  Car  back  on  road  in  no  time. 

See  how  middleware  works.  See  how  it  helps  businesses  succeed.  See  it  at  ibm.com/middlewaro/integrate 
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App  management 

continued  from  page  33 

Moore  is  among  those  enterprise  network 
managers  who  have  been  charged  with 
adapting  their  basic  element  and  device 
monitoring  tools  into  intelligent  application 
management  systems  that  will  dynamically 
respond  to  changing  end-user  and  business 
demands  and  deliver  optimized  applica¬ 
tion  performance.  Unlike  in  the  past,  when 
availability  management  tools  —  which  re 
ported  up/down  status  for  devices,  servers 
and  so  on  —  sufficed,  today’s  IT  managers 
demand  more  information  about  potential 
performance  bottlenecks  across  multiple 
networks  and  devices. 


agement.The  software  typically  measures 
response  time  across  multiple  infrastruc¬ 
ture  components  and  provides  the 
option  to  identify  the  most  likely  cause  of 
the  problem,  after  the  slowdown  has 
occurred. 

Newcomers  such  as  Collation,  Entuity, 
ProactiveNet,Troux  Technologies, Vieo 
and  Wily  Technology  also  deliver  tools  to 
track  response  time  metrics,  potential 
application  code  errors  and  more.  New 
vendors  tend  to  talk  more  of  monitoring 
all  else  for  the  sake  of  the  application,  and 
integrate  with  network  management  tools 
such  as  HP  Open  View  to  bring  those  net¬ 
work  fault  and  events  into  the  analysis  of 
application  performance. 

WAN  optimization  companies  such  as 
Expand  Networks,  NetScaler,  Packeteer  and 


Application  management  requires  a  layered  approach 

Ideally,  to  manage  applications,  network  managers  need  to  monitor 
performance  at  each  layer  in  the  network  stack,  roll  the  data  into  one 
system  and  then  apply  intelligent  correlation  and  analysis  tools  to 
determine  the  cause  of  performance  issues. 


Application  management 
console 


Correlation 

models 


Analysis 


Correlation 


Application  management  “nirvana”  requires  many 
systems  working  to  filter  multiple  network,  server, 
database  and  application  events  into  one  pane  of  glass, 
or  a  single  management  console  interface,  providing 
intelligent  analysis  on  volumes  of  performance  data. 
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vices  to  help  customers  tackle  application 
management.  These  vendors  recognize 
that  intelligent  and  dynamic  application 
management  is  a  critical  component  of 
their  ultimate  goal  of  automating  data 
center  operations,  provisioning  and  re 
source  allocation. 

“The  application  performance  manage 
ment  market  is  fierce;  every  vendor  wants 
a  piece  of  it,” says  Jasmine  Noel,  principal 
at  Ptak,  Noel  &  Associates. 

Despite  the  many  ways  to  manage  appli¬ 
cations  —  or  perhaps  because  of  the  mul¬ 
tiple  approaches  —  achieving  an  afford¬ 
able  and  maintainable  application  man¬ 
agement  system  continues  to  pose  a  chal¬ 
lenge  to  enterprise  network  managers. 

“Network  managers  are  being  inundat¬ 
ed  with  events  set  on  40  different  thresh¬ 
olds,”  Elliot  says.They  need  correlation 
diagnostics,  a  tool  that  says  all  these 
events  mean  there  could  be  an  applica¬ 
tion  performance  problem  at  this  time  in 
this  environment.” 

Monitoring  application  behavior  is  diffi¬ 
cult  for  IT  managers  and  vendors  alike 

_ ^  because  applications 

typically  don’t  take  the 
same  route  to  fulfill 
each  end-user  request. 
For  example,  an  online 
ordering  system  would 
send  the  Web  site  cus¬ 
tomer’s  request  for 


Event  consolidator 


Performance  metrics  such  as  response  time,  memory,  CPU 
usage  and  latency  are  rolled  into  one  system  in  which  they 
are  normalized,  or  translated  into  a  common  format,  and 
passed  along  to  a  correlation  engine. 
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Although  management  is  moving  away  from  element-centric 

SOURCE:  META 

approaches,  data  collected  from  disparate  infrastructure  components 
remains  critical  to  calculating  overall  application  performance. 

GROUP.  MAY  2004 

“Application  management  needs  to  bring 
together  a  lot  of  different  data  points  and 
perform  automated  analysis,”  says  Stephen 
Elliot,  a  senior  analyst  with  IDC.The  market 
research  firm  estimates  that  performance- 
management  software  revenue  will  experi¬ 
ence  a  7.4%  annual  growth  rate  over  the 
next  five  years,  reaching  $4.48  billion  by 
2007.  Application  management  tools  aren’t 
new,  but  in  the  past  year  or  so,  the  demand 
for  products  grew  and  vendors  began  to 
attack  application  management  from  dif¬ 
ferent  angles. 

Management  veterans  such  as  BMC 
Software,  Computer  Associates,  Compu- 
ware,  Concord  Communications,  Mercury 
Interactive,  Micromuse,  NetlQ  and  Smarts 
each  offer  multiple  products  that  promise 
to  address  application  performance  man¬ 


Beribit  Networks  address  application  per¬ 
formance  with  their  high-availability  gear 
that  speeds  packets  across  WANs.  While 
their  focus  is  on  the  wide  area,  traffic  moni¬ 
toring  tools  also  can  watch  application  traf¬ 
fic  on  the  LAN  for  performance  issues. 

CA,  for  example,  acquired  technology 
from  SilentRunner  in  2003  to  add  traffic 
monitoring  and  packet  analysis  capabili¬ 
ties  to  its  Unicenter  management  soft¬ 
ware  line.  BMC  recently  partnered  with 
Packeteer  to  add  the  latter  vendor’s  net¬ 
work  traffic  management  technology  to 
BMC’s  application  and  systems  manage¬ 
ment  tools. 

Industry  heavyweights  IBM  and  HR 
which  have  been  stumping  for  their  re¬ 
spective  utility  computing  product  road 
maps,  offer  management  software  and  ser¬ 


more  information  through  a  router  to  a 
Web  server,  which  then  needs  to  pull  data 
from  either  a  database  or  storage  device. 
Once  the  information  is  gathered,  the 
delivery  could  take  a  different  route  back 
to  the  end  user. 

Because  these  tools  need  to  capture  the 
data  at  each  step,  it  becomes  difficult  for 
IT  managers  and  vendor  products  to 
understand,  control  and  then  predict  per¬ 
formance  problems.Typically  capturing 
data  at  multiple  points  requires  agents  on 
managed  systems,  a  time-consuming  (and 
costly  if  considering  product  upgrades) 
process.“Right  now  for  application  man¬ 
agement,  network  managers  are  defining 
one  key  service  and  starting  there,”  IDC’s 
Elliot  says. 

Adding  to  the  challenge  is  that  today 
there  is  no  one  guaranteed  approach  or 
one  commercial  product  to  manage 
applications.  While  vendors  say  other¬ 
wise,  network  managers  seem  to  accept 
the  fact  and  cobble  together  multiple 
tools  to  get  data  on  how  their  critical 
applications  behave. 

“I  can’t  imagine  having  the  financial 
resources  or  the  staff  to  maintain  that  type 
of  product  if  it  did  exist,”  Moore  says. 

Yet  Moore  says  he  still  is  working  to  re¬ 
duce  the  number  of  tools  needed  to  mon¬ 
itor  application  performance  and  to  do  so 


cost-effectively  He  uses  products  from 
BMC,  Micromuse  and  NetlQ,  among  oth¬ 
ers,  to  track  application  performance 
across  600  or  so  Windows  servers  support¬ 
ing  Mary  Kay’s  Web  environment.  Still, 
when  it  comes  to  getting  the  simple  red, 
yellow  or  green  light  to  indicate  overall 
application  status,  Moore  says  the  dash¬ 
board  capabilities  of  the  products  used 
at  Mary  Kay  “at  this  time  are  not  imple¬ 
mented  on  a  wide  scale.” 

“We  had  multiple  different  screens,  multi¬ 
ple  different  monitors  all  reporting  on  dif¬ 
ferent  metrics,”  Moore  says.  He  says  he  was 
able  to  reduce  the  number  of  manage¬ 
ment  consoles  and  get  more  pertinent 
data  by  tying  Micromuse  and  NetlQ  closely 
together.“We’ve  got  them  set  up  to  go  to 
the  application  layer  and  monitor  response 
time  within  that  environment,” he  says. 

Kim  Jahnz,  lead  WAN  data  network  engi¬ 
neer  for  Aurora  Health  Care  in  Milwaukee, 
reports  a  similar  situation  on  her  networks. 
She  uses  Concord’s  products  alongside 
Aprisma  software  and  other  tools  to  track 
the  performance  of  core  business  and 
medical  applications.  Jahnz  uses  Concord’s 
Application  Response  feature  to  track  spe¬ 
cific  response  times  and  to  better  under¬ 
stand  how  the  application  interacts  with 
end  users.  Application  Response  monitors 
the  response  of  general  repetitive  functions 
within  an  application  and  overall  user 
experience.  She  uses  robot  PCs  in  the  field 
that  run  scripts  performing  certain  func¬ 
tions  to  get  a  read  on  application  response 
in  different  business  units. 

Now  five  years  into  working  with  Con¬ 
cord,  Jahnz  says  application  response 
monitoring  is  not  a  quick  install,  and  con¬ 
figuring  Concord  and  other  systems  such 
as  Aprisma’s  Spectrum  is  an  ongoing  pro¬ 
cess  that  involves  IT  and  business  man¬ 
agers.  Like  Moore,  Jahnz  needed  to  narrow 
down  the  monitoring  metrics  to  get  a  han¬ 
dle  on  managing  applications. 

“Some  [business  managers]  want  every¬ 
thing  monitored  while  others  want  one 
small  function,” she  says.Too  much  moni¬ 
toring  and  the  numbers  start  to  fade  into 
each  other;  too  little,  and  you  aren’t  get¬ 
ting  a  real  ‘user  perspective.’” 

The  team  at  Quest  Diagnostics,  a  med¬ 
ical  testing  and  diagnostics  firm  in 
Teterboro,  N.J.,  uses  BMC,  Concord  and 
HP  Open  View  software  in  conjunction  to 
first  prioritize  applications  and  then  to 
ensure  service-level  agreements  (SLA)  are 
met.The  software  monitors  Windows 
2000,  Unix,  mainframe,  Oracle,  Sybase, 

SQL,  Exchange,  BEA  WebLogic,  IBM 
WebSphere  and  more  in  Quest’s  network. 

For  capacity  planning  manager  Boris 
Gdalevich  and  senior  analyst  Sean 
Haines,  working  with  business  managers 
to  define  and  then  put  tools  in  place  that 
fulfill  pre-set  service  levels  is  critical. 
Business  goals,  profits  and  potential  losses 
play  a  direct  role  in  Quests  application 
management  strategy. 

“The  highly  profitable  and  visible  pro¬ 
jects,  the  ones  that  follow  tough  SLAs,  are 
the  first  in  line  for  proactive,  intelligent 
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enterprise  monitoring,”  Haines  says. 

Gdalevich  adds, “Stockholders  would  not 
accept  nor  understand  a  situation  when 
the  company  would  pay  out  an  SLA  fee  or 
when  an  investment  shows  no  profit.” 

While  not  business-related,  IT  managers 
running  networks  supporting  military  and 
government  operations  also  struggle  to 
keep  applications  in  line  and  service 
delivery  up  to  snuff. 

The  Marine  Corps  Network  Operations 
and  Security  Command  (MCNOSC)  in 
Quantico,Va.,  houses  all  IT  services  for  the 
Marine  Corps.The  Marine  Corps  Enterprise 
Network  (MCEN)  is  for  internal  users  only 
and  contains  about  14,000  devices  and 
8,000  routers,  switches  and  bridges. 

The  MCNOSC  uses  HP  OpenView  for 
WAN  monitoring;  Concord  eHealth  for 
trend  analysis;  CiscoWorks  2000  for 
routers,  switches  and  bridges;  and  NetlQ 
AppMan-ager  for  managing  services, 
desktops  and  applications.  MCEN  runs 
1,293  legacy  applications  —  60%  desktop 
and  40%  server. 

Marine  Corps  Capt.  Sabre  Schnitzer  says 


he  needed  to  deploy  a  Network  Common 
Operational  Picture  (NetCOP)  in  “Marine 
speak,”  or  Manager  of  Managers  in  technol¬ 
ogy  talk.  MCEN  connects  and  controls  all 
bases,  posts  and  stations  for  the  Corps,  so  “if 
service  goes  down,  the  entire  Corps  feels 
the  impact,”  Schnitzer  says. 

He  purchased  Smarts  InCharge  prod¬ 
ucts  to  serve  as  the  NetCOP  to  integrated 
data  from  multiple  management  systems. 

“Microsoft  Exchange  2003  and  the 
Defense  Messaging  System  are  the  Marine 
Corps  personal  and  organizational  messag¬ 
ing  platforms.  When  it  takes  more  than  30 
seconds  for  a  page  to  load,  users  go  ber¬ 
serk,  so  we  needed  a  notification  system 
that  sends  an  alert  when  response  times 
for  SAP  hit  25  seconds  or  greater,”  he  says. 

Schnitzer  says  his  group  worked  with 
program  managers  to  identify  the  metrics 
they  wanted  monitored  and  set  thresholds 
for  performance.  He  says  if  a  threshold  is 
set  for  Exchange  at  75%,  and  the  level  is  at 
76%, the  light  is  green;  however,  if  it  drops 
to  75%  or  74%,  the  light  goes  red. 

“Technicians  need  only  the  relevant 


information.They  don’t  need  to  track  per¬ 
centages,”  he  says.’They  simply  look  at 
colors.  Green  is  good.  Red  is  bad. Simple.” 

Ellis  Admire,  director  of  emerging  tech¬ 
nologies  at  Direct  Holdings  Services  in 
Virginia  Beach, Va.,  makes  customer-facing 
and  Web  applications  a  top  priority  in  the 
Candle  (recently  acquired  by  IBM)  and 
Mercury  products  deployed  on  his  net¬ 
work.  He  says  the  products  don’t  monitor 
“end-to-end”  application  performance,  and 
he  has  to  manually  aggregate  data  from 
traffic  monitoring  and  LAN  monitoring 
systems  into  his  application  management 
system.  He  says  the  management  process 
will  continue  to  require  upgrades  and 
constant  fine-tuning  to  adequately  track 
application  performance. 

“Application  monitoring  is  tricky  because 
most  tools  require  an  agent  on  the  plat¬ 
form  and  it  needs  a  module  specific  to  the 
application  you  are  monitoring,”  Admire 
says.“To  come,  there  should  be  industry 
accepted  standards  of  monitoring  for 
applications  such  as  the  standards  that 
exist  for  LAN  and  hardware  monitoring.” 


Groups  such  as  the  Datacenter  Markup 
Language  Organization,  the  Organization 
for  the  Advancement  of  Structured  Inform¬ 
ation  Standards  and  others  are  working 
toward  standards  that  would  let  applica¬ 
tions  and  the  tools  that  monitor  them 
more  easily  integrate  and  collaborate  to 
enable  automation.  But  while  the  industry 
works  on  standards  and  vendors  add 
more  intelligence  and  automation  to  their 
products,  network  managers  say  they  will 
continue  to  manage  applications  with 
multiple  tools,  manual  effort  and  more 
time  than  their  schedules  should  allow. 

“Good  monitoring  of  applications  takes 
time,  a  lot  of  planning  and  understanding 
of  how  the  application  actually  works,” 
Aurora  Health  Care’s  Jahnz  says. 

And  Mary  Kay’s  Moore  adds, “Don’t 
expect  to  ever  get  one  tool  to  do  this. 
There  is  no  product  that  can  give  you 
the  application  management  viewpoints 
you  need  from  a  technical  and  business 
perspective.”  ■ 


I  JK  merican  Business  Maintenance  in  1999  found  itself 
between  a  rock  and  a  hard  place. 

1  am  The  company  wanted  to  standardize  multiple 
|  application  platforms  on  Citrix  and  deliver  the  applica- 
I  tions  from  a  centralized  data  center  via  a  WAN  to  more 
1  than  200  locations.  While  consolidating  resources  to  one 
I  data  center  would  save  staff  time  and  budget  dollars, 

I  ABM  could  not  let  application  performance  suffer. 

"It's  imperative  that  remote-office  users  get  access  to 
I  applications  as  though  they  were  here,”  says  Sean 
|  Finley,  assistant  vice  president  and  deputy  director  at 
|  ABM,  a  large  facilities  contractor  in  San  Francisco. 

ABM  runs  about  40  applications,  including  Lotus 
I  Notes,  Microsoft  Office  and  payroll,  on  50  Windows  ter- 
1  minal  servers  using  Citrix.  Citrix  lets  IT  managers  run 
I  applications  on  a  remote  server  rather  than  at  the 
I  desktop.  ABM's  remote  offices  connect  to  the  data 
1  center  via  frame  relay,  DSL  and  broadband,  depending 
I  on  the  location. 

ABM  also  needed  to  identify  the  Citrix  traffic  on  the 
|  WAN,  and  go  a  step  further,  by  identifying  which  Citrix 
|  application  (payroll  or  Word,  for  example)  ranked  higher 
I  than  others.  ABM  gives  priority  to  Citrix  applications 
I  over  all  others,  and  then  they  get  more  detailed  by 
I  assigning  another  priority  on  which  a  Citrix  application, 
I  such  as  payroll,  gets  bandwidth  before  others. 

The  company  had  a  choice:  buy  bandwidth  as  applica- 
1  tions  demand  or  optimize  use  of  the  bandwidth  it  had  in 
I  place.  "We  wanted  to  reduce  costs  by  standardizing, 

I  not  incur  more,"  Finley  says. 

Enter  Racketeer.  ABM  deployed  about  85  Packet- 
I  Shaper  appliances  to  remote  sites  and  set  up  a  mas- 
|  ter  box  in  its  data  center.  The  company  says  using 
1  Racketeer's  traffic-shaping  and  compression  technol¬ 


ogy  in  2003  saved  ABM  more  than  $575,000  in  band¬ 
width  costs.  (The  company  reduced  the  amount  of 
bandwidth  it  needed  to  support  its  applications  and 
services  over  the  WAN.)  With  the  technology,  ABM 
also  saw  a  30%  reduction  in  the  amount  of  bandwidth 
needed  to  send  the  same  amount  of  data,  so  perfor¬ 
mance  improved. 

Pricing  for  Racketeer  products  ranges  from  $2,250 
to  $48,000,  depending  on  link  size  and  features  includ¬ 
ed.  A  service  contract  is  15%  of  the  cost  of  the  prod¬ 
uct  per  year. 

Racketeer,  like  competitors  Expand  Networks,  Fine- 
Ground  Networks  and  Peribit  Networks,  offers  soft¬ 
ware  applications  packaged  on  an  appliance  to  monitor 
and  optimize  WAN  traffic.  PacketShaper  targets  bottle¬ 
necks  in  WAN  application  performance,  as  application 
traffic  enters  the  enterprise  in  the  last  mile  between 
the  campus  and  the  WAN  cloud. 

The  hardware  sits  between  LANs  and  WAN  routers 
and  can  reserve  bandwidth  for  key  applications  and 
queue  traffic  by  application  so  the  top-priority  applica¬ 
tions  get  bandwidth  over  less  critical  traffic.  Rac¬ 
keteer's  compression  technology  uses  pattern  recogni¬ 
tion  to  compress  data,  which  can  optimize  the  perfor¬ 
mance  of  important  applications  across  WAN  links 
where  bandwidth  is  limited. 

“We  are  now  able  to  discover  traffic  as  it’s  coming 
through.  We  can  see  what  is  going  in  and  out  of  the  site, 
all  the  various  protocols,"  says  Tony  Kloeppel,  data 
communications  manager  at  ABM.  "We  set  policies 
that  give  the  Citrix  application  priority  over  everything." 

Industry  watchers  credit  appliances  from  Racketeer 
and  others  for  performing  specialized  tasks  on  opti¬ 
mized  boxes,  yet  appliances  represent  a  small  part  of 


the  overall  management  product  market —  10%, 
according  to  consulting  firm  Enterprise  Management 
Associates  (EMA).This  number  includes  management 
appliances,  such  as  packet  shapers,  and  security  and 
configuration  management  boxes. 

Appliances  can  offer  a  low  entry  price,  quick  installa¬ 
tion  and  high-availability,  but  depending  on  the  product, 
might  not  scale  as  well  as  distributed  software  or  inte¬ 
grate  into  existing  systems  as  easily.  Also  with  multiple 
distributed  appliances,  data  correlation  —  a  must-have 
for  any  enterprise  application  performance  manage¬ 
ment  strategy  —  becomes  more  difficult. 

For  its  part,  Racketeer  also  offers  software  applica¬ 
tions  such  as  PolicyCenter  and  ReportCenter  that  let  IT 
managers  administer  multiple  appliances,  distribute 
configuration  updates  in  a  one-to-many  manner,  set 
policies  and  generate  reports  based  on  traffic  statis¬ 
tics,  such  as  top  talkers,  application  usage  and  band¬ 
width  hogs.  ABM  plans  to  roll  out  both  software  appli¬ 
cations  in  the  coming  months. 

Competitor  Expand  recently  added  stand-alone  soft¬ 
ware  to  its  product  roster,  and  FineGround  started 
offering  its  software  also  packaged  as  an  appliance. 

In  ABM's  case,  Kloeppel  says  the  PacketShaper 
appliances  work  independently  from  the  company's 
other  management  products  such  as  HP  OpenView 
and  mostly  address  WAN  traffic.  Although  Packet¬ 
Shaper  has  spotted  PCs  on  the  LAN  getting  a  surplus 
of  packets  sent  their  way,  which  indicates  a  potential 
security  attack. 

"We  don’t  use  it  to  monitor  application  performance 
on  the  LAN,  but  it  has  become  a  good  tool  to  solve 
problems  there,"  Kloeppel  says. 

—  Denise  Dubie 


COMPANIES  THAT  PUT  VOICE  ON  THE 
NETWORK  CHOOSE  THE  COMPANY 
THAT  BUILT  THE  NETWORK. 

When  voice  joins  data  on  a  secure  network,  some  remarkable  things  can  happen.  Instead  of  managing  different  flavors  of  PBX  from  location  to  location,  you  can 
handle  everything  from  one  place,  saving  time  and  money — not  to  mention  mileage  on  IT  staff  shoes.  And  with  over  20  years  of  proven  networking  experience, 
Cisco  has  become  the  standard  for  millions  of  voice  IP  users  around  the  world.  It's  why  over  half  of  the  Global  500  have  chosen  Cisco  to  rethink  the  way  they 
handle  voice.  And  their  business.  Are  you  in  yet?  To  learn  how  Cisco  can  help  you  plan,  design  and  implement  an  end-to-end  IP  solution,  visit  cisco.com/go/ipcnow. 

NOW,  OVER  THREE  MILLION  PEOPLE  ARE  USING  CISCO  IP  PHONES. 


THIS  IS  THE  POWER  OF  THE  NETWORK.  nOW. 
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Application  management 

On  point 

A  tour  of  some  of  the  top  point  products  in  application  performance  management. 


The  complexities  of  application  management 

Application  management  is  difficult  because  it  involves  gathering  information, 
resolving  performance  problems  and  gaining  control  across  an  entire 
network.  Multiple  systems  play  into  end-to-end  performance  management. 
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g  BY  R.  LYNN  NYE  JR. 

Unless  you  lived  it,  it  sounds  a  lot  like  a 
fable.  But  once  upon  a  time,  under  IBM’s 
System  Network  Architecture,  IT  systems 
had  real  end-to-end  visibility  and  traffic 
control.  If  you  listen  to  the  vendor  claims, 
it  would  seem  as  if  we’ve  regained  that 
ability  in  today’s  IP-based  networks. 

While  application  performance  man¬ 
agement  (APM)  point  products  certainly 
are  getting  better,  the  reality  is  that  there 
is  no  single  end-to-end  solution  today 
Furthermore,  there  are  no  products  that 
operate  at  Layer  7,  the  application  layer. 
Lack  of  industry  cooperation  leaves  cus¬ 
tomers  struggling  to  piece  together  a 
comprehensive  solution. 

Still,  there  are  technologies  that  bring 
immediate  value  and  therefore  are 
worth  the  effort.  Here’s  a  sampling  of 
some  of  the  more  interesting  and  effec¬ 
tive  application  management  products 
on  the  market. 

Where  to  start 

The  foundation  for  application  perfor¬ 
mance  starts  in  the  data  center,  where  an 
organization  must  have  a  solid  applica¬ 
tion  infrastructure.This  includes  opera¬ 
tional  and  performance  management, 
which  can  be  challenging  in  a  multi¬ 
tiered  application  environment. 

There  are  many  point  products  focused 
on  elements  of  the  application  infrastruc¬ 
ture,  but  the  requirement  today  is  to  man¬ 
age  the  multiplexed  dependencies 
between  hardware,  network,  operating 
systems  and  applications. 

To  help  customers  understand  the  inter¬ 
dependencies  associated  with  these  com¬ 
plex  application  infrastructures,  compa¬ 
nies  such  as  Collabra  and  Relicore  have 
introduced  products  that 
assist  in  organizing 
resources  logically  in  rela¬ 
tion  to  the  applications 
they  support. 

Taking  this  to  the  next 
level, Vieo  addresses  infor¬ 
mation  gathering,  prob¬ 
lem  resolution  and  con¬ 
trol  of  application  perfor¬ 
mance  in  one  appliance. 

The  company  collects 
data  on  the  physical  and 
logical  resources  needed 
to  develop  not  only  a  logi¬ 
cal  view  of  resource  rela¬ 
tionships,  but  also  how 
various  applications  con¬ 
sume  resources. 

Vieos  instrumentation 


also  provides  an  in-depth  view  of  how 
the  interaction  of  services  within 
resources  enable  or  impede  system  vs. 
element  performance. The  system  also 
can  make  real-time  adjustments  to  align 
resources  to  meet  performance  goals 
based  on  defined  polices. 

The  information  gap 

Many  vendors  have  found  that  compa¬ 
nies  don’t  have  the  basic  information  to 
understand  what  problem  needs  to  be 
solved  or  how  to  stay  in  step  with  the  fast¬ 
changing  dynamics  of  the  network 
environment. 

Many  companies  obtain  broad  system 
information  from  alternative  sources,  but 
then  need  to  analyze  it  and  convert  that 
knowledge  into  specific  configurations  for 
their  management  tools,  control  prod- 
ucts.To  fill  the  gap,Corvil  has  a  network 


performance  appliance  that  obtains 
detailed  network  flow  information  and 
conveys  it  to  users  in  a  context  that  helps 
let  network  managers  adjust  their  control 
settings.The  product’s  initial  focus  is  on 
Cisco  quality-of-service  configurations  to 
help  companies  analyze  their  networks, 
make  specific  configuration  recommenda¬ 
tions,  then  analyze  those  changes  and 
make  further  recommendations.The  next 
step  would  be  to  automate  this  process. 
While  many  IT  groups  are  quite  reluctant 
to  allow  unattended  or  automated  configu¬ 
ration  changes,  the  dynamics  of  system 
behavior  eventually  will  make  this  stan¬ 
dard  operating  procedure. 

Compression  offers  big  payback 

Compression  is  the  most  powerful  tech¬ 
nology  within  the  breadth  of  APM  solu¬ 
tions  for  improving  network  resource 
efficiencies  and  improving 
end-user  response  times.  The 
technology  comes  in  a  few 
different  flavors  and  fits  into  a 
system  in  different  ways. 
Vendors  have  different  ways  of 
packaging  them.  Here  are 
some  of  them: 

•  HTTP  compression:  Since 
the  introduction  of  HTTP  1.1, 
support  for  compression  has 
been  built  into  the  browser, 
which  is  initiated  during  the 
HTTP  connection  request/ 
response. When  initiated  via  the 
browser,  reliable  compression  is 
limited  to  HTML  and  XML,  Java 
and  derivatives.  But  being  text- 
based,  the  HTTP  compression 
yields  about  a  70%  reduction  in 


payload  size. 

•  Two-sided  compression:  Packaged 
in  essentially  three  versions  (box-to-box, 
software-to-software  and  box-to-software), 
these  compression  services  enable  com¬ 
pression  of  virtually  any  data  stream 
between  two  points.These  solutions  are 
all  proprietary,  which  yields  high  com¬ 
pression  ratios,  and  typically  are  packed 
with  a  number  of  other  traffic  manage¬ 
ment  services. 

As  products,  these  various  compression 
methods  are  packaged  as: 

•  Software:  Some  form  of  executable 
pre-installed  or  dynamic  component 
(Java/ActiveX). 

•  Hardware:  In  the  box-to-box  packag¬ 
ing,  compression  typically  is  packaged  in 
a  traffic  manager  that  also  provides  a 
number  of  related  performance  services, 
such  as  QoS.  Some  examples  are  Expand, 
NetCelera,  Packeteer  and  Peribit. 

The  other  package  that  provides  the 
HTTP  compression  and  box-to-software 
offering  is  Application  Front  End  (AFE). 
(NetScaler  provides  both,  and  Array, 
Crescendo  Networks  and  Redline 
Networks  allow  HTTP-only.) 

Because  of  the  value  of  compression, 
it’s  important  to  leverage  it  as  part  of  both 
application  delivery  and  network  opti¬ 
mization,  which  sometimes  overlap. 

With  the  common  denominator  being 
users  or  applications,  the  evolution  of 
compression  services  eventually  will  lead 
to  a  blended  solution  set.The  graphic  (see 
page  41)  outlines  the  pros  and  cons  of 
both  approaches,  along  with  the  theoreti¬ 
cal  model  of  partnerships  between  AFE 
and  traffic  manager  vendors.The  evolu¬ 
tion  beyond  the  partnerships  and  the 
highest  value  to  architects  will  be  a  stan¬ 
dardized  compression  mechanism,  such 
as  Gzip,  used  for  any  session  scenario. 

Optimizing  TCP 

Another  common  service  currently  or 
soon  to  be  offered  by  AFE  and  traffic  man¬ 
agement  vendors  is  TCP  optimization, 
which  serves  as  a  boundary  function 
between  clients  and  the  application  sys¬ 
tems  to  which  they  connect.  For  the  traffic 
manager  vendors,  the  goal  is  to  reduce  the 
overhead  and  improve  the  transport  ser¬ 
vices  of  TCP  for  various  application  or 
facilities.  For  AFE  vendors,  the  primary 
value  is  on  offloading  TCP  connection 
setup  and  communication  overhead. 

With  the  traffic  manager  approach,  a 
network  architect  needs  to  closely  exam¬ 
ine  the  effect  that  remote  termination  of 
TCP  will  have  on  information  and  resolu¬ 
tion  systems.This  is  the  kind  of  APM  ser- 


The  right  tool  for  the  job 


Every  application  management  product  involves  one  or  more 
layers  of  the  protocol  stack,  and  there  is  a  right  and  wrong 
place  for  every  tool.  This  diagram  shows  a  seven-layer  OSI 
stack  with  specific  tools  (note  that  there  isn’t  a  product  or 
technology  that’s  part  of  Layer  7). 


Distributed  computing 
Caching/content  management 
SSL  acceleration/load  balancing 
Traffic  shaping/TCP  offload 
Route  optimization/IP  queuing 
MPLS/ATM 
Wi-Fi/Ethernet 
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lems  or  diagnose  desktop  problems. 


vice  that  begins  to  alter  the  architecture, 
and  therefore  any  commitment  to  it 
should  be  carefully  analyzed. 

Measuring  end-user  response 
times  in  APM 

The  most  important  measurement  for 
evaluating  or  validating  application  perfor¬ 
mance  is  end-user  response  time.  Like 
many  evolutions  in  IT,  the  early  entries 
didn’t  scale  well  from  a  system  or  over¬ 
head  perspective.  If  the  product  needs  to 
be  scripted  or  programmed  to  measure 
response  times,  the  time  needed  to  per¬ 
form  those  functions  becomes  a  total-cost- 
of-ownership. 

To  avoid  the  scripting  treadmill,  tool- 
based  solutions  such  as  NetQoS  provide 


Compression  progression 

Compression  provides  the  most 
bang  for  the  buck  of  all  the  app 
management  tools  available  today. 
The  two  types  of  compression  — 
traffic  manager  to  traffic  manager 
and  application  front  end  to  client 
—  each  have  pros  and  cons. 
Eventually  they  will  merge  into  a 
blended  solution. 
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a  pretty  accurate  assessment  of  re¬ 
sponse  times  and  provide  a  correlated 
view  of  other  resources  that  assist  in  iso¬ 
lating  conditions  resulting  in  poor 
performance. 

Beyond  the  traditional  product  model, 
NetQoS  also  offers  a  service  for  the  har¬ 
vesting  and  delivery  of  performance 
reports.  For  a  highly  scaleable  method  to 
obtain  response  times  for  Web-based 
applications  and  obtain  detailed  usage 
records  on  all  networked  application 
activity  of  all  users,  Centrisoft  has 
DataFbint.The  company  also  offers  a 
desktop  traffic  management  alternative 
called  Control  Pbint. 

To  reach  and  support  users  outside  the 
Intranet.Visualware  has  a  few  intriguing 
Java-based  offerings  that  can  be  dynami¬ 
cally  pushed  to  users  to  measure 
response  times,  isolate  connectivity  prob- 

More  online! 

Read  three  ways  on  how 
to  implement  application 
management. 

DocFinder:  2431 


Conclusion 

The  trends  in  APM  are  quite  positive 
and  continue  to  provide  tangible  value 
for  network  managers  within  many  IT 
systems. The  integration  of  performance 


information  and  controls  will  signifi¬ 
cantly  improve  the  effectiveness  of  these 
products,  offerings  and  improve  TCO. 

There  is  a  need  in  the  industry  to  estab¬ 
lish  a  policy  structure  that  will  begin  to 
glue  together  the  various  products  in  an 
operational  and  business  context. 


Nye  is  a  consultant  and  president  of  APM 
Advisors  in  Portland,  Ore.  He  can  be 
reached  at  lynn@apmadvisors.com. 


The  reason  the  world's  leading  companies 
rely  on  Equant  for  their  global  communications 


Your  business  communications  can't  be 
left  to  chance.  Fortunately,  there's  a 
provider  with  the  track  record  to  inspire 
your  confidence.  An  innovator  with  over  5  years 
experience  using  convergence-ready  MPLS 
technology  that  powers  business  solutions 
for  over  1100  companies.  A  provider  trusted 
by  the  world's  leading  companies. 

That  provider  is  Equant. 

Seamless.  And  that  trust  doesn't  stop  at 
any  border  -  because  Equant  is  everywhere. 
With  people  in  165  offices,  a  seamless  global 
network  that  covers  220  countries  and 
territories,  and  supported  locally  in  the  local 
language.  Our  customized  communication 
solutions  can  enable  your  key  business 
processes  wherever  you  want  to  do  business  - 
including  emerging  markets  like  India  and  China. 


Stable.  What's  more,  you  can  trust  us 
to  deliver  real  results  for  business  critical  needs. 
Solid  financials  and  steady  growth,  on  both 
client  list  and  balance  sheet.  But  don't  take 
our  word  for  it;  analysts  have  praised  Equant's 
solutions  for  global  businesses  for  years. 

Demonstrating  business  value.  And  that's 
how  we'll  earn  your  trust  -  by  understanding 
your  business  before  talking  technology. 

Our  approach  is  consultative,  not  hard-sell; 
our  people  build  relationships  by  demonstrating 
business  value  with  the  more  than  80  proven 
Equant  products  and  solutions.  We'd  like 
to  start  proving  ourselves  to  you  today. 

Go  to  the  link  below  and  see  why  Equant 
is  worthy  of  your  trust. 

umm/.equant.com/usa 
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Creating  answers  together. 
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Redline  Networks  helps  medical 
records  management  firm 
ChartOne  cure  network  pains 
and  boost  the  business  case  for 
its  Web-enabled  ERP  apps. 


Redline  Networks’  E|X  3250  gave  Henry  Svendblad  the 
performance  he  was  after  for  ChartOne’s  Web  applications. 


NO  IT  EXECUTIVE  LOOKS  FORWARD  TO  ASKING  upper  management 
to  spend  $200,000  on  a  major  system  upgrade.  But  Henry  Svendblad, 
director  of  IT  at  ChartOne,  Inc.,  felt  he  had  little  choice. 


ChartOne,  based  in  San  Jose,  California,  sells 
technology  and  services  that  help  health  care 
institutions  easily  and  cost-effectively  access  and 
manage  patient  records.  To  better  serve  its 
customers,  which  represent  20%  of  hospitals  in  the 
U.S.,  and  to  ease  the  burden  on  its  own  IT  staff,  the 
company  wanted  to  miqrate  its  ERP  applications  to 
the  Web. 

Like  many  companies  transitioning  to  Web- 
based  applications,  ChartOne  hit  performance 
snags  that  no  amount  of  application  tuning  and 
new  hardware  could  cure.  Only  after  two  years  of 
trial  and  error  did  ChartOne  find  a  cure  in  Redline 
Networks,  which  makes  a  family  of  appliances  that 
deliver  a  broad  set  of  capabilities  to  ease  the 
network  burdens  and  boost  the  business  case  for 
Web-enabled  applications.  With  Redline's  E|X  3250 
enterprise  application  processor  handling  I/O 
processing,  connection  management,  compression, 
load  balancing  and  SSL  processing,  ChartOne 
customers  and  internal  users  are  now  experiencing 
the  performance  they  require  —  and  the  company's 
IT  group  is  realizing  the  administrative  benefits  that 
Web-enabled  applications  can  bring. 

^NetworkWorld 


ON  THE  WEB  TRAIL 

ChartOne's  odyssey  began  in  July  of  2001 ,  when 
the  company  began  migrating  its  homegrown 
client/server  enterprise  applications  to  Peoplesoft  8, 
a  Web-based  ERP  suite.  "We  were  expecting  growth 
of  20%  to  30%  a  year,  and  we  felt  we  needed  a  big 
ERP  system,"  Svendblad  says.  In  addition,  thin, 
standardized  browsers  would  require  far  less  IT 
support  than  fat,  homegrown  clients. 

If  ChartOne  was  going  to  offer  Web-based 
patient  records  management  services,  Svendblad 
also  felt  the  company  "should  eat  our  own  dog  food" 
and  use  a  Web-based  application  platform  internally. 

Webification  proved  to  have  its  challenges, 
however.  As  more  application  modules  and  users 
moved  onto  the  new  infrastructure,  response  times 
slowed  to  a  crawl.  Employees  at  the  company's  10 
remote  offices  sometimes  spent  hours  waiting  for 
tickler  screens  that  had  taken  minutes  to  display 
under  the  old  client/server  system.  The  10-  to  15- 
person  offices  had  plenty  of  bandwidth,  IT  staffers 
knew:  In  anticipation  of  the  migration  to  Peoplesoft 
8,  they'd  deployed  T1  links  to  each  site. 

Users  on  the  corporate  LAN  were  also  having 


difficulties.  By  far,  the  worst  off  was  the  accounts 
receivable  department,  which  processes  more  than 
300,000  transactions  per  month.  Productivity  had 
dropped  by  20%  because  of  response  time  degra¬ 
dation.  "During  peak  usage  periods,  it  was  taking 
people  minutes  to  go  from  screen  to  screen," 
Svendblad  says. 


ChartOne's  Challenges 


•  Web-enabled  enterprise  applications  were 
overloading  servers. 

•  Server  processors  were  at  80%  to  90% 
utilization  levels  during  peak  traffic  periods. 

•  Slow  response  time  over  corporate  LAN  was 
hurting  user  productivity. 

•  Remote  users  waited  hours  for  screen 
downloads. 


The  Redline  Networks  Cure 


•  Average  server  CPU  utilization  during  peak 
usage  now  between  10%  and  15%. 

•  Response  time  returned  to  desirable  levels 
for  local  and  remote  users. 

•  Remote  sites  no  longer  need  terminal  servers. 

•  Bandwidth  consumption  decreased  approx¬ 
imately  70%. 

•  Savings  of  $200,000  by  avoiding  major 
hardware  upgrades. 


Photograph  by  Robert  Houser 
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setup  also  strained  budgets  and  IT  resources. 

Meanwhile,  Web  and  application  servers  were  still 
maxing  out  during  peak  usage  periods.  A  major 
upgrade  seemed  inevitable.  "It  looked  like  we  needed 
a  new  [BEA  Systems]  WebLogic  server,  a  new 
database  server  and  a  third  server  for  finance," 
Svendblad  says.  His  team  priced  out  three  SunFire 
servers  on  the  second-hand  market  at  about  $50,000 
apiece.  He  also  budgeted  $50,000  for  a  LAN 
upgrade,  bringing  the  total  budget  hit  to  $200,000, 
which  Svendblad  calls  a  conservative  estimate. 


IN  SEARCH  OF  A  CURE 

As  user  complaints  mounted,  the  IT  staff  began 
looking  for  remedies.  PeopleSoft  and  Oracle  — 
ChartOne's  application  vendors  —  initially  suggested 
fine-tuning  their  applications.  "With  a  thin  Web 
client,  ERP  systems  involve  complex  querying  in  the 
background,"  Svendblad  explains. 

When  tweaking  back-end  software  produced 
little  improvement,  ChartOne  tried  upgrading  its 
server  hardware.  It  deployed  another  Sun  420R 
application  server  and  storage  box,  then  migrated 
the  main  financial  server  from  a  420R  to  a  more 
powerful  SunFire  server.  "Performance  improved 
slightly,  but  we  were  still  looking  at  CPU  usage  in 
the  high  80%  to  90%  range  during  peak  processing 
time,"  Svendblad  says.  "And  our  phones  were  still 
ringing  off  the  hook." 

Pressed  for  answers,  ChartOne  even  took  the 
radical  step  of  supplying  remote  offices  and  home 
workers  with  terminal  servers.  While  that  substan¬ 
tially  improved  response  time,  maintaining  the 
devices  offsite  was  a  major  burden  on  the  IT 
support  staff.  "It  was  like  we'd  gone  back  to  a 
client/server  setup,"  Svendblad  says,  noting  the 


ONE  VERY  BRIEF  PILOT 

Just  as  he  was  about  to  swallow  that  bitter  pill, 
a  former  colleague  told  Svendblad  about  Redline 
Networks  in  Campbell,  Calif.,  and  its  family  of 
appliances  that  help  enterprises  manage  the 
network  impact  of  Web-enabled  applications  and 
improve  their  business  case. 

In  the  summer  of  2003,  ChartOne  deployed 
Redline's  E|X  3250  enterprise  application  processor 
in  front  of  its  WebLogic  servers.  The  Redline  device 
took  over  complex  scheduling  of  TCP  requests 
and  connection  management  chores  for  as  many 
as  150  users,  saving  the  Web  servers'  CPU  and 
memory  resources  for  other  activities  like  page 
generation.  The  E|X  also  performed  data  compres¬ 
sion  to  speed  up  server  response  and  conserve 
bandwidth. 

Svendblad's  group  started  out  with  a  pilot  test 
within  the  accounts  receivable  group,  which  took 
the  biggest  performance  hit  after  moving  to 
Peoplesoft  8.  Setting  up  users  was  simple  and 
transparent,  Svendblad  reports:  "I  just  changed  the 
local  DNS  setting,  and  when  users  clicked  on  the 
PeopleSoft  icon,  they  were  routed  through  the 
Redline  box.  We  didn't  have  to  change  anything  on 


our  existing  architecture,  or  on  the  WebLogic  or 
PeopleSoft  servers." 

User  response  was  fast  and  dramatic.  "People 
were  asking  us  if  we'd  put  some  magic  juice  in  their 
system,"  Svendblad  reports.  When  word  spread, 
end  users  not  involved  in  the  pilot  "were  pounding 
on  our  door  saying,  'Whatever  you  did  for  her,  do 
for  me!"'  It  may  have  been  the  shortest  pilot  on 
record:  A  day  after  the  test  started,  the  company 
routed  all  the  other  users  through  the  Redline  box. 

TALLYING  THE  BENEFITS 

Once  the  bulk  of  users  was  online,  the  benefits 
of  the  Redline  device  really  began  to  kick  in, 
Svendblad  reports.  Average  CPU  consumption 
during  peak  processing  time  plummeted  from  80% 
or  more  to  less  than  15%.  Bandwidth  consumption 
decreased  approximately  70%. 

The  E|X  3250  now  handles  SSL  encryption, 
as  well.  "We  have  security  without  burdening 
our  servers  with  managing  certificates  or  with  SSL," 
Svendblad  says.  The  company  also  saves  money  on 
SSL  certificates,  since  it  needs  only  one  for  the 
Redline  box  instead  of  one  for  each  server. 

Over  the  past  year,  ChartOne  brought  its 
customer  relationship  management,  HR  and 
Hyperion  Business  Performance  Management 
applications  behind  the  Redline  box.  Most  recently, 
the  company  added  its  View  Manager:  Chart 
Management  Suite  of  ASP  offerings  to  the  set  of 
applications  front-ended  by  the  E|X  platform. 


After  ChartOne  installed  the  Redline 
Networks  E|X  3250,  user  response 
was  dramatically  faster.  "People  were 
asking  us  if  we'd  put  some  magic 
juice  in  their  system,"  says  Henry 
Svendblad,  director  of  IT. 


ChartOne's  hundred-odd  remote  and  mobile 
users  have  completely  eliminated  their  terminal 
servers  and  use  a  standard  Web  browser  to  access 
all  applications,  via  the  E|X  3250.  "The  user  experi¬ 
ence  is  improved,  and  our  support  costs  are  lower," 
Svendblad  says. 

The  bottom  line:  ChartOne  successfully  imple¬ 
mented  a  Web-enabled  ERP  platform  with  a  "single 
box  solution"  that  addresses  critical  Web  tier  issues 
while  dramatically  improving  the  business  case  by 
increasing  user  productivity  and  avoiding  costly 
hardware  upgrades.  End  users  now  experience  the 
same  response  time  levels  and  productivity  they 
had  with  customized  fat  clients  —  but  IT  no  longer 
has  the  support  burden.  Says  Svendblad:  "I  think 
that's  pretty  impressive." 


LEARN  MORE  ABOUT  REDLINE  NETWORKS  ONLINE 


Sponsored  by 


Read  what  leading  analysts  and  other  customers  say 
about  Redline  Networks  at  our  new  InfoCenter,or  call  us  at: 

1.877.550.6420 

Visit:  www.redlinenetworks.com/infocenter 
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The  new  Distributed  Wireless  Solution  from  SonicWALL-a  unique  answer  to  your  network's 
most  pressing  mobility  and  productivity  needs. 

Your  employees  want  to  work. ..everywhere.  You  know  wireless  is  the  answer,  but  what  about  those  nagging  security  concerns?  And  the  headaches 
associated  with  managing  separate  wired  and  wireless  infrastructures? 


Finally,  a  proven  network  security  firm  has  delivered  the  ultimate  wireless  LAN  platform.  Built  upon  its  award-winning  line  of  PRO  series  appliances,  the 
unique  Distributed  Wireless  Solution  from  SonicWALL®  integrates  secure  wireless  functionality  with  a  deep  packet  inspection  firewall,  IPSec  VPN,  content 
filtering,  intrusion  prevention,  gateway-enforced  anti-virus  protection  and  end  point  security.  Using  the  new  multi-radio,  centrally-managed  SonicPoint™ 
802.1 1  a/b/g  satellite  access  points,  you  can  enjoy  powerful  features  such  as  Wireless  Guest  Services  and  secure  wireless  roaming  throughout  your  facility. 
And  whether  you  add  two  or  100  SonicPoints,  it's  all  managed  securely  and  seamlessly  by  the  SonicWALL  security  appliance. 


Give  your  employees  the  heady  feeling  of  freedom.  With  SonicWALL's  ingenious  wireless  security  solutions,  you  can  unleash  your 
workforce  without  sacrificing  security. 

The  SonicWALL  Distributed  Wireless  Solution.  Wired  or  wireless,  it's  all  the  same.  Get  to  work. 

To  learn  more  about  SonicWALL's  Distributed  Wireless  Solution  and  set  your  workforce  free,  contact  one  of  the  resellers  below 
or  visit  www.sonicwall.com/home/reseller.asp  to  find  a  SonicWALL  reseller  near  you. 
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■  CAREER  DEVELOPMENT 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


Justifying  anti-spam  investments 

Analyzing  the  toll  unwanted  e-mail  takes  on  productivity,  bandwidth,  storage  and  support  aids  your  attack. 


■  BY  JOHN  FONTANA 

If  spam  has  a  bright  side,  it’s  that  the  universal  annoyance 
this  unwanted  e-mail  causes  everyone  from  the  loading 
dock  manager  to  the  chairman  of  the  board  makes  it  eas¬ 
ier  for  IT  to  win  spending  approval  for  tools  to  help  fight 
the  beast. 


Spam’s  strain  on  corporate  coffers  isn’t  just  in  lost  productivity,  which  some 
companies  report  can  be  in  the  hundreds  of  thousands  of  dollars  per  year.  It 
also  steals  from  bandwidth,  network  storage  and  end-user  support.  And  the 
cost  of  spam  doesn’t  stop  there,  considering  the  potential  damage  to  a  cor¬ 
poration’s  brand  or  possible  litigation  arising  from  the  exchange  or  receipt  of 
questionable  e-mail. 

Even  though  selling  the  benefits  of  spam  blockers  can  be  fairly  straightfor¬ 
ward  given  that  they  must  deal  with  a  flood  of  junk  mail,  experts  say  accu¬ 
rately  documenting  the  cost  of  spam 
can  help  IT  secure  a  larger  budget 
and  ensure  that  an  effective  system  is 
put  in  place. 

“You  want  to  make  a  Cadillac  deci¬ 
sion,  not  a  Hyundai  decision,”  says 
Tom  Pisello,  founder  and  CEO  of  con¬ 
sultancy  Alinean,  which  assesses  the 
business  value  of  IT  investments.  He 
says  good  spam  filtering  systems  can 
reduce  the  productivity  losses  associ¬ 
ated  with  spam  by  40%  and  the  asso¬ 
ciated  IT  costs  by  70%. 

There  are  dozens  of  anti-spam  prod¬ 
ucts  and  services  to  consider,  such  as 
e-mail  appliances,  filtering  software 
and  hosted  services. 

“Midsized  and  large  companies 
need  a  more  sophisticated  system 
than  smaller  companies,  and  that’s 
why  you  have  to  do  your  due  dili¬ 
gence.  A  business  case  is  going  to  be 
needed  for  any  purchase  over 
$50,000,”  Pisello  says. 

And  that  is  the  low  end.  Effective 
spam-filtering  products  can  run  into 
six  figures. 

IT  managers  who  do  the  work  to 
document  their  needs  also  are  those  more  likely  to  gain  the  benefits  such  as 
payback  on  anti-spam  products  within  six  months  or  less  and  a  ROI  of  well 
over  300%,  Pisello  says. 

Quantify  costs 

Where  does  the  assessment  start? 

Most  IT  managers  build  their  case  on  four  key  areas:  productivity,  bandwidth, 
storage  and  help  desk  support.  While  lost  productivity  is  an  obvious  area 
where  spam  takes  its  toll,  users  shouldn’t  ignore  that  spam  can  consume  up  to 


Hold  the  spam 


With  spam  continuing  its  assault  on 
corporate  e-mail,  IT  managers  must 
create  a  convincing  proposal  to  secure 
funding  for  the  appropriate  technology 
to  fight  the  scourge. 


Percentages  of  total  Internet 
e-mail  identified  as  spam 
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11%  of  a  company’s  bandwidth  and  up  to  500G  bytes  of  storage  each  year, 
according  to  Alinean.  Spam  also  can  generate  up  to  five  extra  help  desk  calls 
per  day,  per  100  users,  which  can  mandate  the  need  for  extra  staff. 

“After  we  totaled  up  our  costs  it  was  a  no-brainerj’says  Mark  Fitzgerald, senior 
technical  specialist  for  workplace  automation  technology  at  KeyCorp,  a  finan¬ 
cial  services  company  in  Cleveland  with  assets  of  $86  billion.“Spam  was  cost¬ 
ing  us  over  $1  million  per  year.” 

Fitzgerald  used  that  figure  as  the  centerpiece  for  a  formal  proposal  and  ROI 
overview. 

“Spam  was  so  bad  it  was  an  easy  decision,”  he  says.  Fitzgerald  secured  an  ini¬ 
tial  $150,000  budget  and  this  January  deployed  an  IronPort  C60  anti-spam 
appliance  backed  by  spam  filtering  services  from  Brightmail.The  company 
now  blocks  90%  of  the  spam  that  comes  to  its  gateway  compared  with  the  27% 
previously  weeded  out  by  a  faltering  content  filter. 

Eliminating  80%  to  90%  of  spam  is  an  admirable  target,  experts  say.  But  IT 
users  must  ensure  they  don’t  block  valid  communications  and  should  aim  for 
less  than  1%  false  positives. 

Fitzgerald  says  appliances  such  as  IronPort  probably  will  be  out  of  reach  for 
smaller  companies,  but  he  recommends  those  companies  make  a  detailed  list 
of  desired  features.“We  did  a  lot  of  research  up  front  and  created  a  list  of  our 
needs,”  he  says,  which  ensured  the  company  met  its  priority  for  a  product  that 
guaranteed  few  false  positives. 

Sometimes,  however,  money  is  an  issue  and  users  must  react  quickly 

“In  our  situation,  it  was  a  matter  of  ‘you  need  to  go  fix  this,’”  says  Ron  Mann, 
network  administrator  for  the  Colorado  Department  of  Agriculture  in  Denver. 
And  he  had  to  fix  it  on  a  $1,600  budget,  he  was  told. 

Mann  says  he  got  to  work  and  downloaded  evaluation  software  from  three 
companies  before  selecting  Power  Tools  for  Exchange  from  Nemx  Software 
based  on  its  ease  of  use  and  performance  qualities. 

Now  with  the  the  Colorado  Department  of  Agriculture  planning  an  upgrade 
to  its  Microsoft  Exchange  infrastructure,  Mann  says  he  will  use  the  knowledge 
gained  on  the  first  go-round  with  anti-spam  software  to  get  a  new  filter  in  place. 

He  says  he  might  be  too  busy  to  determine  what  spam  is  costing  the  orga¬ 
nization,  but  he  has  learned  a  new  approach. 

“The  goal  is  to  make  a  less-hurried  decision,”  he  says. 

And  with  the  extra  time,  he  says  he  hopes  his  evaluation  will  lead  to  a  choice 
that  will  serve  his  organization  in  the  long  run. “I  think  spam  is  something  we 
are  going  to  have  to  live  with  and  some¬ 
thing  that  we  need  to  keep  a  constant  eye 
on,”  he  says. 


Policies  play  a  part 

Experts  agree  and  say  nothing  will  eradi¬ 
cate  the  spam  problem,  but  there  are  a  few 
techniques  that  can  decrease  the  amount  of 
spam.  Don’t  publish  e-mail  addresses  on  a 
public  Web  site  since  spam  programs  search 
those  sites  for  new  targets,  and  think  about 
text  and  header  analysis,  blacklists  and  anti¬ 
spoofing  technology  as  a  minimal  line  of 
defense.  Also,  educate  users  on  behaviors 
that  influence  the  amount  of  spam  they  re¬ 
ceive.  Alinean  recommends  users  curtail  vis¬ 
its  or  registration  on  questionable  Web  sites, 
and  never  respond  to  spam  e-mails.  ■ 


Considering  buying  an  anti-spam 
product?  Consult  our  review  of 
16  e-mail  filtering  gateways  to 
learn  how  they  fared  on  a  live 
production  network,  then  refer 
to  our  regularly  updated  online 
Buyer’s  Guide  for  additional  anti- 
spam  options. 
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CCM  Console  Manager  features: 
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To  be  provided  in  future  upgrade  for  the  48-port  model. 


Relax  and  fix  the  problem  from  virtually  anywhere. 

When  critical  servers  or  network  equipment  malfunction, 
the  Equinox  CCM  console  manager  and  AVWorks® 
management  software  give  you  the  tools  to  securely  and 
quickly  restore  normal  functionality  from  anywhere. 


Extend  your  reach 


Available  in  8,  16 
and  48-ports. 


One  Equinox  Way,  Sunrise  FL  33351,  email:  sales@equinox.com  or  for  international  customers  email:  intlsales@equinox.com. 
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solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability;  ease  of  use 
• '  and  innovative  technology. 

Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
■  Resellers  and  Distributors.  Rose  has 
’■  operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  Texas  77099 

ROSE  US  +281  933  7673 

ROSE  EUROPE  +  44  (0)  1 264  850574 
ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


./•- 


RackView™ 


KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

High  quality  video  up  to  1280  x  1024 
Scaling,  scrolling,  and  auto-size  features 
Secure  encrypted  operation  with  login  and  computer 
access  control 

Advanced  visual  interface  (AVI) 

No  need  to  power  down  servers  to  install 
Free  lifetime  upgrade  of  firmware 
Available  in  several  models 
Easy  to  expand 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Free  lifetime  upgrade  of  firmware 

•  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 

•  Easy  to  expand 


800  333  9343 

WWW.ROSE.COM 


M, 

ELECTRONICS 


Cost-Effective  Console  Switch 


Intelligent  Serial  Port  Switch  with 
Internal  Modem 


■  Internal  33.6  Kbps  Modem 

■  Secure  Dialback  Feature 

■  Password  Protection 

n  Invalid  Access  Lockdown 

■  Periodic  Modem  “AT”  Refresh 

B  Seven  RS232  DB-9  Console  Ports 
&  Any-to-Any  Port  Switching 
is  Non-Connect  Port  Buffering 
m  Data  Rate  Conversion  300  to  115K  bps 
m  AC  and-48  DC  Power  Options 


— •< — 

ass1 


□ 

□ 


The  APS-8M  Asynchronous  Port  Switch  is  a  cost 
effective  Terminal  Server  alternative,  plus  you  get  an  internal  modem 
which  saves  rack  and  cabling  hassles.  Connect  multiple  devices  for  on-site 
and/or  dial-up  remote  communications.  High  data  throughput,  full  modem 
and  data  flow  control  all  add  up  to  make  the  APS-8M  the  perfect  data  switch 
or  today’s  remote  network  management  applications. 


www.  wti.  com 


(800)  854-7226 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  9  2  6  1  8-  2  5  1  7 


Celebrating  our  40th 
Year  in  DataCom 


“Keeping  the  Net.. .Working!” 
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GTA  Firewall  Products 

Tough  Network  Security 


✓  Building  Firewalls  for  over  1 0  years 

✓  ICSA  4.0  Corporate  Certification 

✓  5  appliances  to  match  your  network  needs 

✓  Easy,  Flexible  Implementation  Options 

✓  IPSecVPN 

✓  Affordable  pricing 


Global 
Technology 
Associates,  Inc. 


1 -800-775-4GTA  •  www.gta.com  •  lnfo@gta.com 


'I 


www.networkinstruments.ccm/nifie 

©  2004  Network  Instruments.  LLC.  All  rights  reserved,  Observer,  Network  iri’ry-.--  <.<■■  —  1  “■ 
Network  Instruments  logo  are  registered  trademarks  of  Netv'.t.o.:ns  .  '  ■ 


Custom  Management  Levels 


ORK  CONTR 
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A/E  MAKE  IT  HAPPEN. 

Test-drive  the  new  Observer  9  today  and  see  how  it  immediately 
finds  problems  you  didn't  know  you  had,  optimizes  network  traffic 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 

www.networkinstruments.com/nine 


Introducing  Observer  9 

•  New  Application  Analysis 

•  Remote  probes  now  provide  multi-interface  and 

multi-session  support  . 

•  Industry-first  4GB  packet  capture  buffer  < 

•  Wireless  Site  Survey  Modes 

•  Nanosecond  resolution  -  : 

:  ‘ yW’t*  I 

•  Now  over  450  Expert  Events  ' 

•  SNMP.  RMON  and  now  HCRMON  support  '{%’% 


OBSERVER 


US  &  Canada  Toll  free:  (800)  526-5958  •  Fax:  (952)  932-9545 

•  One  Network  Complete  Control 

NETWORK* 

INSTRUMENTS 


UK  &  Europe:  +44  (0)  1959  569880 

Wired  to  Wireless  •  LAN  to  WAN 


Remote  &  Hardware  Options 


•  Decode  over  500  protocols 

•  Long-term  network  trending  &  analysis 

•  Real-time  statistics 


EXPERT  OBSERVER 

•  What-lf  Modeling  Analysis 

•  Expert  Analysis 

•  Connection  Dynamics 


OBSERVER  SUITE 

•  Complete  SNMP  device  management 

•  Supports  full  RM0N1 ,  RM0N2,  HCRMON 

•  Web  Publishing  Reports 


REMOTE  NETWORKING  PROBES 

•  Fully  distributed 

•  Monitor  up  to  64  NICs  simultaneously 

•  New  levels  of  problem  solving  collaboration 


GIGABIT  &  WAN  HARDWARE  OPTIONS 

•  Portable  analyzer  systems 

•  Rack-mount  Probes  ready  to  go 

•  Direct,  passive  link  for  independent  views 


OBSERVER 


OBSERVER 


IS# 

OBSERVER 
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DtSearch  developer  or  multi-user  licenses  in  the  past  two  years. 


earch 


Instantly  Search  Gigabytes  of  Text  Across 
a  PC,  Network,  Intranet  or  Internet  Site 
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See  www.dtsearch.com  for. 
^hundreds  of  developer  case  studies  &  reviews 


fully-functional  evaluations 


Publish  Large  Document  Collections 
to  the  Web  or  to  CD/DVD 


♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  &  PDF  while  displaying  embedded 
links,  formatting  &  ffllKMiM 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet, 
email,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 


dtSearch  Reviews... 

♦  “The  most  powerful  document  search  tool  on  the  market” 

—  Wired  Magazine 

Intuitive  and  austere  ...  a  superb  search  tool”  —  PC  World 

Blindingly  fast”  —  Computer  Forensics:  Incident  Response 
Essentials 

A  powerful  arsenal  of  search  tools”  —  The  New  York  Times 

♦  “Covers  all  data  sources  ...  powerful  Web-based  engines” 

—  eWEEK 

Searches  at  blazing  speeds”  —  Computer  Reseller  News 
Test  Center 


The  Smart  Choice  for 
Text  Retrieval®  since  1991 


Power  Control 


VJS. 
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What’s  Your 
’Current’  Load? 


Verify  Amps  Used  per  Circuit 
with  Sentry  Input  Current  Monitor 

•  Precisely  measure  the  current,  in  amps, 

.  for  each  power  circuit 

,•  Prevent  overloads  on  existins  power  circuits 
Reduce  costs  for  additional  power  circuits 


Overcurrent  alarms 

.  ■ 

v ; ..  •  Remote  Measurement  via  IP  or  RS-232 
■ ;  •  Local  Measurement  via  disital  display 

'  v-/  Gentry  Power  Tower.  Equipment  Cabinet  Solutions. 

■ 

^  >ri[r V. 


Server  Technology,  Inc. 


1040  Sandhill  Drive  Reno,  Nevada  8951 1  USA 
Webi  .www.servertech.com  toll  free:  1.800.835.1515 


For  More  inforMatfon 
on  advertising  in 
^/etwo rk  Wo r(df*  Marketplace; 
SOO-bll-1108 
d  resales®  nww«coM 


WWW.SUITCASE.COM 


Luggage,  Fine  Leather  Goods,  Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo,  Samsonite,  Cross 

10%  discount  for  Network  World  readers 
Enter  code  NWW2004 
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SENSAPHONE4 

iivis-aona 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 

Alarming 


Internal 

UPS 


Power  Ethernet 
Control  Port 
Interface 


Internal  Voice, 
Modem 
6r  Pager  Port 


8  RJ-45  Sensor  Inputs 

C Temperature ,  Humidity, 
Water,  Motion,  Power, 
Smoke/Fire) 


Microphone 

for  Sound 
Monitoring 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Phonetics,  Inc. 

Tel:  877-373-2700 

901  Tryens  Road 

www.ims-4000.com 

Aston,  PA  19014 
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Attention  Resellers! 


SECUREMATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  SONICWALL 
Security  Products! 

LIMITED  TIME  OFFER! 

•  Earn  1  FREE  SonicU  e*Training 
Class  for  every  $15K  in  SonicWALL 
purchases  from  Securematics." 

•  New  SonicWALL  Resellers  will  receive  1  FREE 

SonicU  Electronic  Training  Course  with  purchase 
of  any  Demo  Unit  _T  . . 


Call 


Securematics  is  a  SonicWALL  Authorized  Distributor  &  Training  Partner 
To  sign  up  for  the  Medallion  Partner  Program,  please  contact  us. 

888-746-6700  sales@securematics.com  www.securematics.com 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure.  I 

Move  to  integrated  management  Try  OpManager  today...  j 

I 

Available  for  Linux,  Solaris  and  Windows 


Keep  IT  simple 


ManageEngine 

OpManager 

Network,  Systems  and  Application  Management 
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Interested?  Submit  an  online 
application  at  aflac.com! 


Odds  are  you  wouldn’t  look  to  an  insurance  company  for  cutting 
edge  IT  opportunities.  Well,  look  again.  The  widely  recognized  IT 
organization  at  Allmerica  Financial  is  instrumental  in  positioning  our 
company  for  future  growth. 


iiUi] 

BEST  PUCES 

TO  WOW#  IT 


computerworid  Allmerica  Financial  is  a  Fortune  500  company  and  the 
timely  implementation  of  value-added  technology 
is  a  driving  force  behind  our  company’s  success.  Our 
commitment  to  technology  solutions  for  business  needs 
provides  a  wealth  of  exciting  challenges  and  opportunities 
for  IT  professionals.  These  opportunities,  along  with  exceptional 
training  and  development  programs,  compensation  and  benefits, 
make  Allmerica  Financial  a  company  Computerworid  named  one  of 
the  100  Best  Places  to  Work  in  IT  in  2003. 


For  more  information  about  career 
opportunities,  please  visit  our  website 

at  www.allmerica.com 

AA/EEO/M/F/D/V.  EOE. 


ALLMERICA 


FINANCIAL* 


CITIZENS  INSURANCE* 
HANOVER  INSURANCE* 


The  Best 
Internet  Service 
Deserves  the 
Best  Employees. 


©  2004  EarthLink,  Inc.  All 


Visit  www.earthlink.net  today! 

Q  EarthLink  revolves  around  you 


Market  Research  Analyst 
sought  by  New  Jersey- 
based  s/ware  consulting 
firm  to  research,  analyze, 
design,  and  implement  mar¬ 
keting  strategies  and  busi¬ 
ness  policies  in  IT  sector. 
Must  have  a  Bach  or  equiv 
in  Management  with  2  yrs 
exp  in  mktg  and  s/ware 
technologies.  Respond  to: 
HR  Dept.,  AK  Systems, 
Inc.,  100  Metroplex  Drive, 
Suite  303,  Edison,  NJ 
08817. 


Integration  Serv  Project  Mgrs. 
Work  with  tech  &  bus  reps  to 
analyze,  design,  implement  & 
integrate  information  exchange 
platforms  using  Java,  WebLogic, 
SAP,  &  EAI  &  Middleware  tools 
on  Unix  &  Win  sys.  Req.  BS  in 
comp  sci/engg,  or  related  tech 
field  &  5  yr  exp  in  technology 
management  or  presales,  & 
knowledge  of  webmethods,  MQ 
Series,  Tibco,  XML,  XSLT,  XML, 
cXML,  EDI,  X12,  EDIFACT, 
Weblogic,  SAP  &  Java. 
Resumes:  A  Geveke,  nuBridges, 
LLC,  1000  Abernathy  Rd,  Bldg 
400,  Ste  630,  Atlanta,  GA  30328 


SYSTEMS  ANALYST  needed  with 
knowledge  of  writing  scripts  for 
Worldspan  and  Sabre  GDS  sys¬ 
tems  and  experienced  to  analyze, 
design,  test  and  implement  web 
oriented  &  custom  built  applica¬ 
tions  using  NET,  ASP.  Net, 
VB.Net,  ADO. Net,  ASP,  Cold 
Fusion,  PHP,  CFScript,  Visual 
Basic  XML.  VB  Script,  JavaScript, 
Java.  RUP,  UML.  HTML,  SQL, 
SQL  Server  2000/7,  Oracle  8.0 
and  Crystal  Reports.  Candidates 
who  is  familiar  with  Computer 
Hardware  repair  and  Network 
trouble  shooting  will  get  a  prece¬ 
dence.  Req:  Bachelors  with  2 
years  experience.  Mail  resumes 
to  Atlanta  International  Travel  Inc, 
7050  Jimmy  Carter  Blvd,  Ste  202, 
Norcross,  GA  30092. 
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The  MathWorks 

The  MathWorks  leads  the  market  in  developing  and 
delivering  high  performance  interactive  software 
products  such  as  MATLAB®  to  the  engineering  and 
scientific  communities.  We  re  increasing  our  lead  by 
hiring  the  best  people  for  every  job  in  the  organization. 
We  have  the  following  positions  available  at  our  offices 
in  Natick.  MA. 

Genetic  Algorithm  Toolbox  Developer 

Propose,  plan  and  develop  genetic  algorithm  direct 
search  tools. 

Simulink  Engine  Quality  Engineer 

Develop  test  suites  and  conduct  hands-on  testing  of 
the  company's  Simulink  product  engine. 

DSP  Simulink  Blockset  Engineer 

Design  and  develop  software  components  for  real-time, 
embedded  DSP  algorithms  in  the  audio,  video,  and 
telephony  application  areas. 

Senior  GUIDE  Engineer 

Lead  the  architecture  development  and  implementation 
for  the  next  generation  graphical  user  interface 
development  environment. 

The  aforementioned  positions  are  available  at 
all  levels  and  require  a  minimum  of  a  B.S.,  M.S., 
or  Ph.D.  and  0-8  years  of  experience. 

Additional  Opportunities  in  the  Following  Areas: 

•  Sales  Representatives 

•  International  Sales  Reporting  Analyst 

•  Business  Model  Analyst 

•  Business  Application  Managers 

•  Data  Warehouse  Architect-Business  Intelligence 

•  I)SP/Communications  Quality  Engineer 

•  Real  Time  Embedded  Coder  Quality  Engineer 

•  Product  Marketing  Manager 

•  Software  Engineers 

For  fastest  consideration  interested  candidates 
should  reply  via  our  website: 
http://www.mathworks.com/jobs 

The  MathWorks,  Three  Apple  Hilt  Drive, 

Natick,  MA  01760  -  Job  Code:  IT604 

We  are  an  equal  opportunity  employer. 


www.mathworks.com 


DATABASE  ADMINISTRATOR 


ACUITY,  one  of  FORTUNE'S  Top  100  Companies  To  Work  For  and  an  AM 
Best  A+  rated  regional  property  and  casualty  insurer  headquartered  in 
Sheboygan,  Wl  seeks  an  experienced  senior  level  DB2  DBA  to  provide  sup¬ 
port  for  DB2  applications  on  IBM  Z  /  OS  and  RS /  6000  platforms.  The  can¬ 
didate  should  have  a  strong  background  as  a  DB2  DBA  with  UDB  DB2  on 
distributed  servers.  Exposure  to  DB2  systems  level  experience  a  plus.  This 
position  requires  the  ability  to  identify  performance  related  issues  and  rec¬ 
ommend  corrective  action. 


Position  is  a  production  DBA  with  responsibilities  including  day  to  day 
administration  of  data  bases,  upgrades,  performance  monitoring  and  tun¬ 
ing,  application  support  and  optimization,  backup  and  recovery,  trouble¬ 
shooting  and  resolving  DB2  and  SQL  errors  and  failures,  auditing  activities, 
and  resource  utilization.  A  desire  to  expand  skill  and  knowledge  to  other 
DBMS  and  system  software  technologies  is  required.  The  ideal  candidate 
needs  a  bachelor’s  degree,  5+  years  database  experience  with  3+  years 
recently  as  a  DB2  DBA.  Strong  oral  and  written  communication  skills  and 
good  interpersonal  skills  are  necessary. 


Excellent  salary  and  benefits  package  including  401  (k),  health,  wellness, 
income  protection  and  flexible  spending  plans. 


Equal  Opportunity  Employer 
Contact  Greg  Spears  at 
800.242.7666  Ext.  1008 
Email  hr@acuity.com 
FAX  920.458.7299 


ACUITY 


www.acuity.com  2800  S  Taylor  Drive  •  Sheboygan,  Wl  53081 


If  you’ve  been  searching  for 
a  progressive,  team-oriented 
company  where  you  can  put 
ttfr*  Y°ur  technical  skills  to  work, 

-  '  we  could  be  just  what  you’ve 

been  looking  for.  Cabela’s,  the  World’s  Foremost  Outfitter  of  Hunt¬ 
ing,  Fishing  and  Outdoor  Oear.  is  currently  seeking  an  experienced 
Digital  Asset  Manager  to  work  in  our  catalog  department  in  Sidney, 
Nebraska.  Applicants  should  have  a  knowledge  of  hardware  and 
software  systems  associated  with  digital  asset  management  and  a 
minimum  of  three  years  experience  in  prepress,  print  operations  or 
operations  management.  In  addition  applicants  must  have  the  abil¬ 
ity  to  understand  and  manage  database  applications  such  as  Media- 
Bank,  Filcmaker  Pro  Excel  and  Microsoft  Access.  The  position  also 
requires  some  supervisory  responsibilities  including  scheduling  and 
assigning  database  job  creation  efforts  and  checking  work  for  accu¬ 
racy.  Unix  experience  is  helpful.  Cabela’s  offers  competitive  wages 
and  benefits  as  well  as  opportunity  for  advancement  and  furthering 
your  education.  Qualified  applicants  should  submit  a  resume  and 
cover  letter  online  at  www.cabclas.com.  Select  “About  Cabela’s”, 
and  then  select  “Careers”.  Job  ID#861. _ 


World's  Foremost  Outfi 
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Do  you  have  Acti've  Top  Secret  CLearance? 

Looking  to  work  in  a  state-of-the-art  facility  with  leading-edge 
technology?  Have  we  got  one  for  you !  We  are  Terremark  Worldwide, 

Inc.,  an  internet  exchange  company,  and  the  owner  and  operator  of  the 
NAP  of  the  Americas,  the  world’s  5th  Tier  1  Network  Access  Point.  We 
provide  colocation  and  managed  services  to  a  variety  of  customers  globally. 
Our  world-wide  expansion  has  created  exciting  opportunities  for  team 
players  who  thrive  in  a  fast-paced,  entrepreneurial  environment. 

Here  are  just  a  few  of  our  current  opportunities: 

•  Senior  NOC  Engineer  •  Senior  Optical  Engineer 

•  Satellite  Communications  Engineer  •  Senior  Internet  Engineer 

•  Federal  Contracts  Manager  •  Customer  Support 

Specialists-Federal  Programs 

To  learn  more  about  our  careers  and  benefits,  visit  our  web 

site  at  www.terremark.com.  . 


You  can  apply  online  or  mail  your  resume  to  Terremark 
Worldwide,  Inc.,  2601  South  Bayshore  Drive,  9th  Floor,  Miami, 
Florida,  33133.  Attn:  Human  Resources  Department.  EOE 


terremark 

Worldwid e.  Inc. 
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Information  Systems  Manager: 
Designs,  plans,  implements  & 
maintains  all  computer  &  data 
comm,  systems:  Works  in  E- 
commerce  applications;  prepare 
design  integration  w/existing 
databases  in  Windows  2000 
environment  &  customer  sup¬ 
port;  Maintains  integrity  of  elec¬ 
tronic  records,  including  con¬ 
stant  review  of  pc  systems, 
information  processing  equip.  & 
software;  Works  w/MS  operating 
systems,  Windows  Networking, 
data  management,  &  software 
development,  MS  Exchange, 
Remote  Control  applications  & 
Web  Services;  Develops  data 
warehousing  application;  Dev¬ 
elops  E-commerce  app.  Using 
Macromedia  Dreamweaver, 
Fireworks,  &  flash  MX;  Prep, 
design  using  Adobe  Photoshop 
&  Coreldraw.  BS  of  Information 
Systems  &  2  yrs  of  exp.  in  job 
offered  -  40  hrs  per  wk,  9  -  5P, 
Send  resume  to:  Optimetrics, 
Inc.,  Attn:  Amando  Diaz,  (305) 
863-0122 


Lead,  design  &  dev.  of  new  soft¬ 
ware  products;  day-to-day  op.  of 
c360  network,  w/mail,  web,  & 
CRM  servers.  Deliver  all  tech, 
aspects  of  CRM  system  imple¬ 
mentations.  Working  w/  cus¬ 
tomer  &  project  team  to  analyze, 
deploy,  configure,  &  customize 
Onyx  Employee  Portal  v3.0  or 
other  customization.  B.S.  in  CS, 
Data  Proc.  Man.,  or  rel.  &  2  yrs. 
exp.  in  above  pos.  or  rel.  Exp.  in: 
dev.  C#  appl.  on  Microsoft's. NET 
framework:  deploying  CRM  sys¬ 
tems;  doing  custom  software 
deployment;  designing,  dev., 
delivering  &  supporting  software 
products.  Abii.  to  use:  Net 
framework,  SQL  Server,  ASP. 
NET,  HTML,  DHTLM,  Java 
Scnpt.  Microsoft  Cert.  Prof. 
Certification.  40.0  hr/wk.  9-5. 
Send  resume  to.  Mr.  John 
Gravely,  CEO.  c3S0  Solutions.  1 
Dunwoody  Paik.  Ste.  130, 
Atlanta,  GA  30338 


Hardware  Test  &  Support 
Engineer.  Under  supvn,  partici¬ 
pate  in  defining  &  carrying  out 
moderately  complex  test  plans 
for  co.  products  in  telecomm 
industry.  Consult  w/layout  & 
EMC  suppression.  Assist  in  test¬ 
ing  RF  &  satell.  commun.  hdw. 
Qualify  technic,  to  perform  tests. 
Perform  tasks  related  to  hdw. 
dsgn  &  dvlpmt  with  8/1 6/32-bil 
microproc./microcontr.  based 
sys.  Assist  proj.  mgmt  in  req. 
related  to  analysis,  dsgn,  proto¬ 
typing,  debugging,  testing,  trou¬ 
bleshooting,  performance,  docu¬ 
mentation,  revision  change 
mgmt,  manufact.  &  automated 
testings.  Req:  Bach  (or  for. 
equiv)  in  Electrical  or  Electronics 
Engg,  2  yrs  exp  in  job  offd  or  as 
Electrical  or  Electronic  Engr.  2 
yrs  exp  as  follows  (may  be  con¬ 
current);  exp.  w/electrical  engr. 
dsgn  testing  &  assembly  for 
manufact.  electronics  hdw.;  exp. 
w/PCB  dsgn,  CAD  &  schemat¬ 
ics;  &  exp  from  dsgn  to  assem¬ 
bly  in  manufact.  electronics  hdw. 
Resume  to:  M.  Mabry,  NIVIS 
LLC,  900  Circle  75  Pkwy.,  Ste 
1700,  Atlanta,  GA  30339. 


Systems  Analyst  needed  at 
client  sites  to  support  Solaris, 
HPUX,  RH  Linux  AS  on 
Intel/RISC  platforms,  WebLogic, 
iPlanet,  Apache,  SunOne,  DNS, 
NIS,  NFS,  sendmail,  Win  NT/2K 
DC  w/AD,  IIS,  MS-Exchange, 
Citrix  MetaFrame,  BMC  Patrol, 
BigBrother,  NetlQ  for  Win/Unix 
server  availability;  install  &  con¬ 
figure  SQL  &  Oracle  DB,  Visual 
Sci,  VoiceGenie,  Scansoft  OSR. 
Cadence,  Xilinx,  Optsim, 
Matlab,  Synopsys,  Synplicity; 
install  EMC  SAN,  VCS, 
NetBackup,  VxVM,;  network 
security  using  firewall  (iptables, 
Checkpoint);  network,  systms  & 
H/W  admin;  sizing  Enterprise 
servers  &  problem  resolution; 
shell  scripts,  file  systm  mgmt;  in- 
house  tech  documentation; 
24X7  prod,  support.  Resume  to: 
Global  Consultants,  Att:  Hireme, 
25  Airport  Rd,  Morristown,  NJ 
07960 


Jr.  Programmers,  Programmers, 
Software  Engineers  &  DBAs: 
Design,  develop,  test  and  imple¬ 
ment  specialized  software  apps. 
in  (a)  Oracle  Financials  & 
Manufacturing  11i  &  rel.  tools, 
Erwin,  Cognos  Suite,  Business 
Objects,  MF  Cobol  &  rel.  tech.; 
(b)  SQL  DBA,  Unix  Admin.,  VB, 
Sybase,  Cobol,  C,  Cold  Fusion 
&  rel.  tech.;  (c)  J2EE  &  rel.  tech., 
Rational  ClearCase,  CORBA, 
MQSeries  &  rel.  tools;  (d) 
PeopleSoft  HRMS  (HR,  Payroll 
and  Benefits  Administration) 
Application  Engine,  SQR,  Cobol, 
DB2,  CICS,  nVision,  Crystal 
Reports  &  rel.  tools;  (e)  Java  & 
rel.  tools,  CORBA,  Sybase, 
Swing,  Rational  Tools  &  rel. 
tech,  (f)  Oracle  Database  Admin, 
in  Oracle  1 1  i,  Oracle  Enterprise 
Manager,  Solaris  AIX,  VB,  C++, 
SQL*Plus  &  rel.  tools;  (g)  Cold 
Fusion  &  rel.  tools,  ASP,  XML, 
DHTML,  Crystal  Reports,  Java, 
VB,  DCOM,  MS  SQL,  Oracle  8i 
&  rel.  tools;  (h)  Oracle  Financials 
&  PeopleSoft,  Tuxedo,  Deve¬ 
loper  /  Designer  2000  &  rel. 
tools;  (i)  Hyperion  Essbase 
Apps.  &  rel.  tools;  (j)  Oracle, 
Peoplesoft,  ASP,  Java  &  rel. 
tools,  SQA  Robot,  Mercury  Test 
Director,  Silk  &  rel.  tools;  (k) 
JDK,  ASP,  CORBA,  Oracle,  SQL 
Server,  Linux,  VB,  HTML  &  rel. 
tools;  (I)  SAP-SEM,  SAP  R/3, 
SAP  BW,  ABAP/4,  SAP  (SD. 
MM,  PP,  FICO)  &  rel.  tech,  (m) 
Peoplesoft  Financials  (AP.  AR, 
GL,  FA)  &  rel.  tools.  US  Workers 
only.  Consulting  positions  req¬ 
uiring  travel.  Prevailing  wage/ 
benefits.  Send  resume  to  HR, 
Prosoft  Technologies,  Inc.,  3300 
Buckeye  Road,  Suite  379, 
Atlanta,  GA  30341,  identifying 
interested  position(s).  No 
Phone  calls  please. 


Software  Engineers-Multiple 
Positions:  wanted  by  an  IT  con¬ 
sulting  firm  in  Keene,  NH  to  work 
at  various  client  locations 
throughout  USA.  Respond  to 
HRD,  Infowave  Systems.  39 
Central  Square,  Suite  #201A, 
Keene.  NH-  03431.  For  all  these 
positions  we  need  Two  years 
experience  in  software  design 
and  development  with  a 
Bachelors  Degree  or  equivalent. 

SAP  ERP  Engineers:  Software 
Development  Experience  in 
implementing  web  enabled  SAP 
ERP,  ver  4.0  and  above,  in  mod¬ 
ules  such  as  SD,  MM,  FI/CO,  BW 
etc.  Must  have  hands  on  experi¬ 
ence  on  RDBMS,  Testing  and 
Internet  Technologies. 

Oracle  Data  Warehouse 

Engineers:  Experience  in  design¬ 
ing  an  developing  enterprise  data 
warehouse  applications  on 
Oracle  8i/8.x,  UNIX  and  Windows 
using  PL/SQL,  Oracle 

Forms/Reports,  ETL  Informatica, 
Bl  Business  Objects,  Database 
tuning,  shell  scripts,  Oracle 
Applications  ll.x/IO.x.  Other 
desired  skills  include  Pro*C, 
HTML,  Java  Script,  VB  Script, 
PERL  and  testing  tools. 

Microsoft  and  ERP  Engineers: 
Experience  in  designing  and 
developing  enterprise  and  web 
applications  using  Erwin,  ASP, 
Visual  Basic,  ERP  GEAC  &  Great 
Plains,  Dexterity,  RDBMS, 
Crystal  Reports  and  scripting  lan¬ 
guages  on  Net  Frame  work, 
Windows  NT/2000,  UNIX  and  IIS. 

Java  Engineers:  Experience  in 
Designing  and  developing  enter¬ 
prise  and  web  applications  using 
Java,  J2EE,  JSP,  EJB,  Servelets, 
XML  suite,  Middle-tier,  Rational 
Rose,  UML,  Used  Cases,  BPMS 
etc.  on  UNIX  and  windows  plat¬ 
form.  Must  have  strong  skills  in 
Database  programming  ant 
RDBMS.  Others  skills  incl.  script¬ 
ing  languages. 

Oracle  Software  Engineers: 
Experience  in  3  tier  enterprise 
applications  using  Oracle  8i/8.x, 
PL/SQL,  Pro*C,  Forms,  Reports, 
Oracle  Applications,  Discoverer, 
Designer,  Erwin,  Shell  scripts, 
middleware  such  as  9iAS,  OAS, 
IIS  etc.  on  UNIX. 

Oracle  Database  Administrators: 
Experience  in  Oracle  81/8. x  data¬ 
base  administration,  data  model¬ 
ing  and  database  design.  Also 
experience  in  performance  tuning 
of  large  databases,  backup  and 
recovery,  database  security,  data 
warehouse  and  OLAP  develop¬ 
ment.  Skills  should  include 
PL/SQL,  SQL,  Shell  Scripts,  awk, 
Cron,  OEM,  Server  Manager, 
Unicenter,  UNIX  and  Windows 
NT/2000.  Other  skills  desired 
DBMS  like  SQL  server,  MS 
Access,  Sybase  etc,  program¬ 
ming  skills,  ETL  processes  etc. 


Software  Dev.  Co.  req.  Software 
Engineer  w/MS  &  1  yr  exp.  & 
Programmer  Analyst  w/BS  &  24 
mos.  exp.  in  foil:  Visual  Basic, 
Oracle,  PowerBuilder,  Sybase, 
Java,  Unix,  C++,  AS/400,  SQL 
Serv,  Synon,  Cobol,  Lotus 
Notes.  SAP,  ABAP,  BW,  FICO, 
BASIS,  PEOPLESOFT,  CRM. 
HRMS,  Financials,  Java  Script, 
HTML,  DB2,  Corba,  CICS,  ILE, 
RPG,  EJB,  Siebel,  JD  Edwards, 
WebLogic,  Rational  Rose. 
Equiv.  Deg.  &  exp  also  accept¬ 
ed.  Travel  &  Relocation  req. 
anywhere  in  U.S.  Send  res.  to 
Attn:  Recruiter,  Allied  Infor¬ 
matics,  Inc,  9111  Cross  Park  Dr., 
Ste.  D-200,  Knoxville,  TN  37923. 


Computer 

AlphaSoft  Services  Corp.  is  a 
rapidly  growing  systems  integra¬ 
tion  &  software  development  ser¬ 
vices  provider.  We  are  currently 
recruiting  for  the  following  FT 
openings  in  Walnut  Creek,  CA: 

‘Software  Engineers 
‘Computer  Programmers 
‘Project  Engineers 
*Jr.  Project  Engineers 
All  positions  may  require  travel 
and/or  temporary  relocation.  For 
more  information,  please  visit  our 
website  at  www.alphasoftser 
vices.com.  Apply  by  mail  to  HR, 
2121  N.  California  Blvd.  #350, 
Walnut  Creek,  CA  94596,  (925) 
932-3743  -  fax,  or  email 

ITJOBS@alphasoftservices.com 


IT  Company  has  multiple  open¬ 
ings  in  various  locations  nation¬ 
wide  for  IT  Professionals  with 
the  foil  skill  sets  in 
Windows/UNIX: 

-  J2EE,  Web  Services,  Wireless 
technologies,  Multimedia, 

Oracle  (Job  Code  JJ04) 

-  Delphi,  Power  Builder,  ASP, 
XML.  MS  SQL  Server  (Job 
Code  SQ04) 

-  Data  Warehousing. 

Informatica,  MicroStrategy, 
PL/SQL,  ERWIN,  Shell 
Scripting  (Job  Code  DW04) 

-  C,  C++,  Visual  C++,  NuMega, 
Driver  studio.  (Job  Code  CC04) 

-  Oracle,  DHTML,  Multimedia, 
Flash,  Photoshop, 

Dreamweaver  (Job  Code 
MM04) 

-  PeopleSoft  8.x  technical  and 
functional  knowledge  (Job  code 
PS04) 

Requires  Bach  deg  or  its  equiv  & 
1-3  yrs  exp.  Will  accept  any 
combination  of  education,  train¬ 
ing  and/or  experience  that 
meets  minimum  requirements. 
Must  refer  to  Job  Code  when 
applying.  Send  resume  to: 
Insyst,  Inc.,  271  Route  46  West, 
Suite  A201,  Fairfield,  NJ  07004. 
Fax:  973-808-0237,  Email: 
jobs@insystus.com 


itcareers.com 
can  solve  the 
labyrinth  of 
job  hunting  by 


Seeking  qualified  applicants  for 
the  following  positions  in 
Collierville,  TN:  Senior  Project/ 
Process  Analyst.  Perform  pro¬ 
ject  planning  and  analysis  and 
provide  project  leadership  for  IT 
projects,  processes  and/or  on¬ 
going  programs.  Requirements: 
Bachelor's  degree  or  equivalent* 
in  business,  computer  science, 
MIS  or  related  field  plus  5  years 
of  experience  in  planning,  pro¬ 
ject  management  or  process 
analysis  of  IT  projects. 
Experience  with:  either  SQL, 
ASP  or  CSP;  either  Crystal 
Reports  or  Crystal  Enterprises; 
and  Windows  2000  Server  also 
required.  ‘Master's  degree  in 
appropriate  field  will  offset  2 
years  of  general  experience. 
Submit  resumes  to  Roger 
Wright,  FedEx  Corporate 
Services,  80  FedEx  Parkway, 
Room  108,  Collierville,  TN 
38017.  EOE  M/F/D/V. 


matching  the 
right  IT  skills 
with  the  right 
IT  position. 
Find  out  more 
at: 

www.itcareers.com 


IT  Careers  Wants 
You! 

Take  the  hassle  out  of 
job  searching  and 
check  us  out  at 
www.itcareers.com. 
Today,  more  than  ever, 
the  right  skills  fuel  the 
new  economy  and  IT 
Careers  wants  you  to  be 
there.  Check  us  out  at: 
www.itcareers.com 


Computerworld 


InfoWorld 
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IT  PROFESSIONALS 

Consultant 

(Glen  Mills,  Pennsylvania  and 
other  locations  through  the 
U  S  ).  Responsible  for  the  life- 
cycle  of  projects  including  busi¬ 
ness  process  requirements 
analysis,  process  and  data  mod¬ 
eling,  design,  development  and 
testing  for  implementing  e-busi¬ 
ness  applications.  Engage  in 
the  design  and  customization 
required  for  integrating  Siebel 
with  backend  applications  utiliz¬ 
ing  Siebel  EAI  (Enterprise 
Application  Integrationjfor  sev¬ 
eral  CRM  (Customer 

Relationship  Management)  Call 
Center  implementations. 

Involved  in  the  development  of 
the  architecture  and  infrastruc¬ 
ture  of  core  services  used  as  the 
central  engine  for  Siebel  integra¬ 
tion  services.  Responsible  for 
design  and  development  of 
unique  e-business  solutions 
designed  to  strengthen  cus¬ 
tomer  relationships  by  support¬ 
ing  web  services.  Engage  in  the 
integration  of  existing  enterprise 
systems  for  strategic  planning, 
implementation,  and  operational 
support.  Involved  in  technical 
design  analysis,  documentation, 
and  end-to-end  testing  between 
Siebel  and  external  applications. 
Responsible  for  detailed  design 
deliverables,  code  reviews,  and 
quality  assurance  testing.  The 
wage  offered  is  $57,040  per 
year. 

The  work  schedule  is  Monday- 
Friday,  9:00  am  to  5:00  pm.  The 
minimum  requirements  are  as 
follows:  Bachelor’s  degree  or 
equivalent  in  Computer  Science, 
Engineering  (any),  Math, 

Information  Systems  or 

Business  Administration  +  2 
years  of  experience  in  the  job 
offered  or  2  years  of  experience 
as  a  Consultant  or  Systems 
Analyst.  Employer  will  regard  a 
foreign  degree  to  be  equivalent 
to  a  U.S.  Bachelor's  degree  as 
determined  by  an  accredited 
credentials  evaluation  service. 
Related  experience  must 
include  Customer  Relationship 
Management  (CRM)  and  Siebel 
EAI  (Enterprise  Integration 
Application). 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number 
WEB424061  to  the:  PA 
Careerlink,  FLC  Unit, 235  W. 
Chelten  Avenue,  Philadelphia, 
PA  19144.  EOE 

IT  PROFESSIONALS 

Manager 

(Glen  Mills,  Pennsylvania  and 
other  locations  through  the  U.S  ) 
Lead  medium  sized  teams  in  all 
phases  of  software  development 
life  cycle  (SDLC),  including 
application  design,  develop¬ 
ment,  testing  and  deployment. 
Lead  components  of  global 
large-scale  IT  solution  imple¬ 
mentations.  Manage  outsourc¬ 
ing  projects  in  global  software 
delivery  centers.  Implement 
Software  Quality  Assurance 
processes  for  clients  utilizing 
CMM  (Capability  Maturity 
Model)  methodologies  to 
improve  and  optimize  the  devel¬ 
opment  process.  Develop 

strategies  for  business  transition 
and  go-live  from  legacy  to  new 
systems.  Analyze  and  develop 
multi-platform,  multi-tiered,  high 
transaction  volume  custom 
applications  using  diverse  tech¬ 
nologies  such  as  Java,  COM, 
Active  Server  Pages,  C++  and 
Visual  Basic.  Apply  functional 
experience  in  the  Financial 
Services  Industry  and  in  the 
Manufacturing  and  Logistics 
Industries  utilizing  package 
scanning  and  tracking.  The 
wage  offered  is  $102,700  per 
year. 

The  work  schedule  is  Monday- 
Friday,  9:00  am  to  5:00  pm.  The 
minimum  requirements  are  as 
follows:  'Bachelor's  degree  or 
equivalent  in  Computer  Science, 
Math,  Business  Administration, 
Engineering  (any)  or  Information 
Systems  +  4  years  of  experience 
in  the  job  offered  or  4  years  of 
experience  as  a  Senior 
Consultant,  Senior  Systems 
Analyst,  IT  Analyst  or  Assistant 
Systems  Analyst.  Related  expe¬ 
rience  must  include  at  least  one 
year  in  the  Financial  Services 
Industry  and  in  the 

Manufacturing  and  Logistics 
Industries  utilizing  package 
scanning  and  tracking,  C++  pro¬ 
gramming,  Java,  Visual  Basic, 
Capability  Maturity  Model 
(CMM),  COM,  Active  Server 
Pages,  SDLC  methodology  and 
outsourcing  project  manage¬ 
ment. 

'Employer  will  regard  a  foreign 
degree  to  be  equivalent  to  a 
U.S.  Bachelor's  degree  as  deter¬ 
mined  by  an  accredited  educa¬ 
tional  evaluation  service. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number 
WEB424945  to  the:  PA 
CareerLink,  FLC  Unit, 235  West 
Chelten  Avenue,  Philadelphia. 
PA  19144.  EOE 

Seeking  individuals  to  work  at 
various  locations  throughout  the 
U.S.  Software  Engineers,  Prog¬ 
rammer  Analysts,  SAS  Data 
Warehouse  Analysts,  Tech 
Project  Manager,  Quality 
Assurance  Engineers,  DBA's 
and  System  Administrators.  We 
are  seeking  individuals  with  any 
of  the  following  skills:  Sybase, 
Oracle,  C++,  VC++,  Pro‘C,  Fox¬ 
Pro,  SAS,  Vitria  Businessware, 
.net  technologies,  Informatica 
business  objects.  Apply  to: 
Sagarsoft.  78  Eastern  Boul¬ 
evard.  Glastonbury.  CT  06033. 

SAP  Project  Analyst,  Sr  -  Sales 
&  Distribution  (SD):  Req. 
Bachelors  or  equiv.  in  CS  or 
Eng.  or  related  +  3  yrs.  relevant 
exp.  to  oversee  configuration  & 
functional  support  of  SAP  appli¬ 
cations  in  areas  of  sales,  pricing, 
contracts,  chargebacks,  billing  & 
shipping  of  SAP  SD  module; 
evaluate  &  implement  system 
enhancements.  Perform  tasks 
using  UNIX,  SQL,  RDBMS, 
manufacturing  applications, 
client/server  &  knowledge  of  rel¬ 
evant  FDA  protocols.  B.  Braun 
Medical,  Bethlehem,  PA.  Fax 
resume  to  (610)  861-5991.  No 
phone  calls. 

Software  Engineer 

Research,  design,  develop, 
test,  install  software  applica¬ 
tions;  provide  tech,  leadership; 
work  on  GTP  involving  data 
from  legacy  system  to  Oracle 
11i;  customer  conversion  pro¬ 
grams,  validation  queries  using 
ERP;  MS  SQL  server,  MS 
Access,  Oracle  PL/SQL,  VB 
6.0,  Win  2000/NT,  UNIX,  SQL 
Loader/Plus/Navigator  &  Toad 
Tools.  Req  BS  in  Mech.  Eng.  or 
related/equivalent  &  5  yrs.  exp. 
Resume  to  HR,  Aurora  Tech¬ 
nologies,  555  Metro  Place 
North,  Ste.  100,  Dublin,  OH 
43017. 

Database  Analyst  (Overland 
Park,  KS):  Analyze/integrate/ 
test  mgmt  info  sys.  using 
C/C++,  VB,  &  SQL  w /  Access 
db  on  Win2000/NT;  modify  tech 
specs  according  to  busi. 
requirements;  code  db  descrip¬ 
tion  &  specify  identifiers  to 
ensure  efficient  exe.;  main¬ 
tain/modify/debug  db  to  ensure 
data  integrity,  and  improve  db 
security;  specify/grant/revoke 
user  db  access  privilege. 
Requires  BS  in  Comp.Sc.  or 
MIS.  Full  time.  Resume  to: 
Richard  Ng,  Ja  Lings  Corp. 
7105  W.  135th  St.,  Overland 
Park.  KS  66223.  NO  CALL/EOE 

Software  Developers,  NC  &  MA. 
Use  SI  corp  standard  dev  tools 
&  project  method  to  develop, 
install  &  test  solutions  to  specific 
user  tech  &  bus.  problems  with¬ 
in  context  Banking,  BillPay  & 
Enterprise  Platform  Financial 
Software  application  products 
using  various  technologies: 
JAVA,  J2EE,  JMS,  JSP,  EJB, 
XML,  Struts,  IFX,  OFX,  JUnit, 
ANT,  WSAD  and  XSLT,  web¬ 
sphere  &  weblogic,  Forte 
Enterprise  &  Corba,  DB2,  SQL 
Server,  Oracle  &  Informix,  clear 
case  &  quest,  RUP,  Actuate 
report  tool,  C++,  SOAP,  and 
MXL,  WDSL  Schema  on  Sun 
Solaris  Sys.  Req.  BS  CS/Engg 
or  tech  related;  2yrs  exp  as  SAW 
engg/prog/consultant. 
Knowledge  of:  (D3BP)  Java, 
JSP,  J2EE,  OFX,  IFX,  and  XML; 
or  (D2)  J2EE,  Oracle.  SQL. 
DB2,  XML,  ORBIX  &  ILERPG, 
Actuate  Report  Generation;  or 
(D3EP)  Java,  JSP,  J2EE,  EJB, 
websphere  &  weblogic,  DB2 
Struts,  clear  case  &  clear  quest; 
or  (D4)  JSP,  Java,  JavaScript, 
UNIX  shell  SQL.  Resumes:  N 
Green.  SI,  Inc.,  3500  Lenox 
Rd.,  Suite  200,  Atlanta,  GA 
30326. 


Semantic  Space  has  a  con¬ 
tinuing  need  for  multi  skilled 
IT  professionals.  Positions 
available  are  Software 
Engineers  with  .net, 
VBScript,  Jscript,  ASP.net 
skills;  Programmer/Analyst, 
Project  Leader/Manager 
with  extensive  experience 
in  IT  industry.  Send  resume 
to:  100  Pacifica,  #270, 
Irvine,  CA  92618.  Attn:  HR 
or  fax  to  949-203-2286 


Imagine 

a  workplace..; 


...rich  in  culture , 
benefits  and  innovation. 
That's  US  A  A! 


With  more  than  $71  billion  in  assets,  USAA  is  a 
member-owned  Fortune  200  company  providing  diversified 
financial  services  for  the  armed  forces  and  their  families.  Through 
our  IT  organization,  we  provide  leading  edge  information  technology 
tools  and  solutions  for  all  of  USAA. 

USAA  has  been  named  as  one  of  the  "Top  100  Best  Companies  to  Work 
in  IT"  and  is  an  industry  leader  in  financial,  banking  and  insurance  related 
technologies. 

Multiplatform  Environment:  JAVA/J2EE,  C++,  COBOL/CICS/DB2/IMS, 
UNIX,  AIX,  SOLARIS,  MVS,  ORACLE,  SQL  SERVER,  UDB,  WEBSPHERE 
v.  5.0,  PEOPLESOFT 

We  are  currently  searching  for  leading  technology 
experts  for  the  following  positions: 

Systems  Analysts 
Technical  Project  Managers 
Senior  Design  Analysts 
Security  Analysts 
Systems  Programmers 
Systems  Architects 
Java  Developers 
Documentum  Specialist 

For  more  information  about  what  makes  USAA  such  a  remarkable 
place  to  build  a  career  in  Information  Technology,  visit  our  website. 

www.usaa.com 


We  know  what  it  means  to  serve f 

INSURANCE  •  BANKING  •  INVESTMENTS  •  'MEMBER  SERVICES 
We  are  an  Equal  Opportunity  Employer  committed  to  diversity. 


USAA 
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Senior  Consulting  Support 
Engineer-Waltham.  MA:  Manage 
customer  relationships  by  provid¬ 
ing  exemplary  customer  support 
on  &  off  site  24/7.  Support  all 
functional  &  technical  incoming 
telephone  &  e-mail  questions 
from  80+  installations  using  exp 
w /  supporting  clustered  &  stand- 
oy  Oracle  database  configura¬ 
tions  on  UNIX/NT.  Assist  cus¬ 
tomers  in  troubleshooting,  repro¬ 
ducing  &  solving  application, 
operating  system,  network  & 
database  issues  using  exp  w / 
supporting  Windows  NT  Server 
production  networks  &  enterprise 
backup  systems.  Evaluate  &  test 
new  releases  of  operating  sys¬ 
tems/server  based  applications 
&  services/development  systems 
using  Java  and  C++.  Using  exp 
w/  designing  logical  &  physical 
database  schemas  for  Oracle  & 
SQL  Server,  plan,  develop,  docu¬ 
ment,  support  &  perform  integra¬ 
tion  of  related  software,  w/  exist¬ 
ing  customer's  data  processing 
systems  &  environment,  support 
all  field  engineers  during  imple¬ 
mentation  cycles  &  plan,  docu¬ 
ment  &  perform  operating  sys¬ 
tem,  network  &  database 
upgrades  remotely  &  on  site. 
Assist  customers  w /  planning, 
testing  &  implementing  disaster 
recovery  of  production  systems 
using  exp  w/  supporting  Oracle  & 
SQL  Server  databases  in  pro¬ 
duction  &  development.  Develop 
&  deploy  complex  scripts  & 
macros  to  automate  administra¬ 
tive  tasks,  transform  &  process 
data,  resolve  data  integrity  & 
data  corruption  issues  using  exp / 
with  PL/SQL  programming, 
including  developing,  debugging 
&  deploying  complex  scripts, 
stored  procedures  &  packages. 
Using  exp  w/  supporting 
Windows  NT/9x  user  worksta¬ 
tions,  replicate  users  environ¬ 
ment  to  perform  mock  upgrades 
&  test  configuration  alterations  & 
program,  test,  document  &  per¬ 
form  quality  assurance  activities 
on  new  product  features  prior  to 
beta  &  general  availability. 
Consult  on  the  hardware  &  soft¬ 
ware  requirements  for  new  cus¬ 
tomer  implementations  using  exp 
w/  supporting  Solaris  systems  in 
production  environment  &  cluster 
systems  on  Solaris.  Evaluate 
new  releases  of  vendor's  operat¬ 
ing  systems  &  server  software  to 
make  assessment  of  version 
compatibility  issues.  Minimum 
Reqmts:  U.S.  Bachelor's  or  for¬ 
eign  equiv.  in  Engineering, 
Computer  Science,  Math,  or 
related  technical  field,  +  2  yrs  of 
exp.  in  the  job  offered  or  in  posi¬ 
tion  involving  support  of  Oracle 
databases  on  UNIX/in  prodctn  & 
dvlpmnt  envir.  2  yrs  of  exp  must 
include:  supporting  clustered  & 
standby  Oracle  database  config¬ 
urations  on  UNIX/NT  in  produc¬ 
tion  &  development  environ¬ 
ments;  PL/SQL  programming, 
including  developing,  debugging 
&  deploying  complex  scripts, 
stored  procedures  &  packages; 
&  supporting  Windows  NT  & 
Solaris  systems  in  production 
environment  &  cluster  systems 
on  Windows  NT  &  Solaris;  &  1 
year  of  exp  w/  the  following: 
interfacing  w/  customers  to  pro¬ 
vide  technical  support;  &  design¬ 
ing  logical  &  physical  database 
schemas  for  Oracle  &  SQL 
Server.  Must  be  able  to  travel  on 
short  notice  &  be  on-call  during 
nights  &  weekends.  Must  pos¬ 
sess  excellent  oral  &  written 
communication  skills.  Hours:  M- 
F,  9  am-5  pm.  On  call  nights  and 
weekends.  Rate  of  Pay:  $75,000/ 
yr.  Please  submit  2  copies  of 
resume  to:  Case  #  200300036, 
Div.  of  Career  Services,  Labor 
Certification  Unit,  19  Staniford  St, 
1st  FI,  Boston,  MA  02114 


SAP  Consultants/Software 
Engineers  needed.  Sev.  posi¬ 
tions  available  for  candidates 
possessing  MS/BS  or  equiva¬ 
lent  and/or  relevant  work 
experience  Part  of  the  req. 
rel  exp,  must  include  either  2 
yrs.  with  SAP  or  ABAP/4  or  3 
yis.  with  SAP.  Mail  resume, 
references  and  salary  require¬ 
ments  to:  Seal  Consulting, 
Inc.,  101  Fieldcrest  Avenue, 
Raritan  Plaza  III,  Edison,  NJ 
08837. 


Jr.  Programmers,  Programmers, 
Software  Engineers  &  DBAs: 
Design,  develop,  test  and  imple¬ 
ment  specialized  software  apps 
in  (a)  Oracle  Financials  & 
Manufacturing  1 1  i  &  rel.  tools, 
Erwin,  Cognos  Suite,  Business 
Objects,  MF  Cobol  &  rel.  tech.; 
(b)  SQL  DBA,  Unix  Admin.,  VB, 
Sybase,  Cobol,  C,  Cold  Fusion 
&  rel.  tech.;  (c)  J2EE  &  rel.  tech., 
Rational  ClearCase,  CORBA, 
MQSeries  &  rel.  tools;  (d) 
PeopleSoft  HRMS  (HR,  Payroll 
and  Benefits  Administration) 
Application  Engine,  SQR,  Cobol, 
DB2,  CICS,  nVision,  Crystal 
Reports  &  rel.  tools;  (e)  Java  & 
rel.  tools,  CORBA,  Sybase, 
Swing,  Rational  Tools  &  rel. 
tech,  (f)  Oracle  Database  Admin, 
in  Oracle  11  i,  Oracle  Enterprise 
Manager,  Solaris  AIX,  VB,  C++, 
SQL'Plus  &  rel.  tools;  (g)  Cold 
Fusion  &  rel.  tools,  ASP,  XML, 
DHTML,  Crystal  Reports,  Java, 
VB,  DCOM,  MS  SQL,  Oracle  8i 
&  rel.  tools;  (h)  Oracle  Financials 
&  PeopleSoft,  Tuxedo,  Deve¬ 
loper  /  Designer  2000  &  rel. 
tools;  (i)  Hyperion  Essbase 
Apps.  &  rel.  tools;  (j)  Oracle, 
Peoplesoft,  ASP,  Java  &  rel. 
tools,  SQA  Robot,  Mercury  Test 
Director,  Silk  &  rel.  tools;  (k) 
JDK,  ASP,  CORBA,  Oracle,  SQL 
Server,  Linux,  VB,  HTML  &  rel. 
tools;  (I)  SAP-SEM,  SAP  R/3, 
SAP  BW,  ABAP/4,  SAP  (SD, 
MM,  PP,  FICO)  &  rel.  tech,  (m) 
Peoplesoft  Financials  (AP,  AR, 
GL,  FA)  &  rel.  tools.  US  Workers 
only.  Consulting  positions 
requiring  travel.  Prevailing 
wage/benefits.  Send  resume  to 
HR,  SSG.  3300  Buckeye  Road, 
Suite  555,  Atlanta,  GA  30341, 
identifying  interested  position(s). 
No  Phone  calls  please. 


Computer  Support  and 
Provisioning  Specialist  to  pro¬ 
vide  circuit  provisioning 
assignments  for  ATM/DSL 
provisioned  circuits  and 
comp,  support  for  end  users 
of  High  Speed  Internet 
Access  circuits  (ATM/DSL/T1) 
services.  F/T  position  M-F 
pays  market  level  salary. 
Applicants  with  Bachelor's 
degree  in  Comp.  Sc.  or  M.I.S. 
plus  1  yr  related  exp.,  send 
resumes  only  to  H.R. 
Computer  Office  Solutions, 
7266  SW  48  St.  Miami,  FL 
33155 


Positions  opening  for  IT  profes¬ 
sionals  Internet/Web  Progra¬ 
mmer  Analysts  who  must  have 
M.S/M.A  or  equiv,  in  C.S  or 
Engg  (any  branch)  or  math  or 
Business  Administration  or  relat¬ 
ed  field  &  2yrs  exp  in  Java, 
Servlets.  JSP,  HTML,  ASP.NET, 
C#,  Stylesheets,  IBM  MQ 
Series,  XML,  WebLogic  & 
rel.technologies.  Please  send 
resumes  only  to  HR,  Datamatrix 
Systems,  Inc.,  4494  Acworth 
Industrial  Drive,  #95,  Acworth, 
GA  30101. 


Sr.  System  Analysts  to  lead 
teams  to  analyze,  design  appls 
using  C,  Java,  XML,  HTML, 
Java  Script,  Oracle,  etc.  under 
Unix/Windows  OS;  tune  appls 
for  better  performance;  interact 
with  clients  and  end  users  for 
reqs  gathering;  perform  project 
planing,  scoping  and  schedul¬ 
ing;  provide  technical/business 
guidance  for  complex  user  prob¬ 
lems;  study  and  evaluate  new 
methodologies/tech.  Require  a 
B.S.  or  foreign  equivalent  in 
CS/Engg  (any  branch)  with  3  yrs 
exp  in  IT.  High  salary.  F/T.  Travel 
involved.  Resume  to:  HR, 
Unilinx,  Inc.,  4625,  Alexander 
Dr..  Ste  110,  Alpharetta,  GA 
30022. 


Seeking  qualified  applicants  for 
the  following  positions  in 
Collierville,  TN:  Senior  Progra¬ 
mmer  Analyst.  Formulate/define 
functional  requirements  and 
documentation  based  on  acc¬ 
epted  user  criteria.  Req¬ 
uirements:  Bachelor's  degree  or 
equivalent*  in  computer  science, 
engineering,  MIS,  computer 
information  systems  or  related 
field  plus  5  years  of  experience 
in  systems/applications  develop¬ 
ment.  Experience  with  J2EE, 
Weblogic,  and  Oracle  database 
technology  also  required. 
'Master's  degree  in  appropriate 
field  will  offset  2  years  of  gener¬ 
al  experience.  Submit  resumes 
to  Cynthia  Thompson,  FedEx 
Corporate  Services,  90  FedEx 
Parkway,  2nd  Floor  Horizontal, 
Collierville,  TN  38017.  EOE 
M/F/DA/. 


Technical  Analyst  System 
Development:  research,  evalu¬ 
ate,  implement  and  coordinate 
changes,  maintenance  and 
technical  support  of  systems  or 
applications.  Compile  and  write 
documentation  to  describe  pro¬ 
gram  development,  performs 
research,  identifies  program 
problems  and  develops  solu¬ 
tions.  Code,  test,  debug,  docu¬ 
ment  and  maintain  application 
programs.  Resolves  problems 
by  evaluating  processes  and 
implementing  necessary  correc¬ 
tive  measures  implement  and 
document  modifications  to  soft¬ 
ware  applications  currently  in 
use.  Req.  BS  or  equivalent  in 
CS  or  MIS  with  proficiency  in 
COBOL,  SAS,  and  JCL.  40 
hr/wk,  8-5.  Fax  resume  to  870- 
365-4966. 


Software  Engineer  -  Must  have 
B.S.  or  eqvlt.  in  Science  or  Engg. 
or  Related  Field  and  2  years  of 
experience  in  architecting  and 
developing  analytical  and 
Datawarehousing  solutions, 
gathering  metric  and  reporting 
requirements  from  clients, 
installing,  configuring  and  perfor¬ 
mance  tuning  of  Datawarehouse 
solutions  utilizing  ETL  tools, 
SAS,  PL/SQL,  sql  bulk  loader 
and  dealing  with  Pharmaceutical 
Sales  and  Marketing  Org¬ 
anization  and  related  data. 
Knowledge  of  Informatica  and 
ability  to  travel  is  required. 
Location:  Deerfileld  Beach,  FL. 
89K/Yr.  Send  resume  to  Shiva 
Systems  5749  Camino  Del  Sol 
Unit  206  Boca  Raton  FL  33433. 


Computer  Software  Associates 
(ICSA)  is  looking  for  IT  profes¬ 
sionals  to  customize  applications 
for  clients  and  business  develop 
and  operation  analyst  to  promote 
IT  business  &  placement.  BS/MS 
or  equivalent  required.  Must 
have  related  experience.  Please 
contact:  raghu-ponnala@icsa- 
us.com.  EOE 

Perry  Johnson  Registrars  is  look¬ 
ing  for  programmer  analyst  and 
DBA  to  design  data  center, 
Spanish  version  Web  for 
Latin/Spanish  business.  BS  or 
equivalent  with  experience  is  the 
minimum  requirement.  Can¬ 
didate  must  be  fluent  in  Spanish. 
Please  contact  pjr@pjr.com. 
EOE 


Computer  Support  Specialist  - 
provide  computer  support, 
implemt  &  maintain  networked 
computer  system  &  security  for 
system.  Assist  in  manag'g  data¬ 
base,  develop  customized 
reports  thru  integrated  system  for 
process'g  inventory  levels,  pur- 
chas'g,  sales  &  invoic'g.  Assist  in 
develop'g  websites,  modif.s  & 
tech.  Investigate  &  resolve  user's 
software  &  hardware  problems. 
Train  users  &  answer  inquiries  re 
e-mail,  op’g  systems  &  program- 
m'g  languages.  35  hrs.  Bach's 
degree  (or  for.  equiv.)  in 
Computer  Science,  Elec'l  or 
Electronic  Engrg  +  2  yrs  exp 
reqd.  Fax  resume  &  salary 
reqmts  to  (305)  373-5596,  Attn: 
Mr.  Baid,  Karats  &  Facets. 
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find  a  job 

The  IT  Career?  Network  uses  the  power  of  The  Wall 
Street  Journal's  CareerJoumal  jobs  database  lo  bring 
you  the  largest  concentration  of  IT  jobs  available  Get 
e-mail  noltfications  when  new  jobs  match  your 
search  criteria  Post  an  online  resume  and  more 

•  search  jobs 
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•  edit  a  Job  Atari 

•  post  a  resume 

•  ndit  youi  resume 


features  &  tips 

Gather  the  bast  IT  caieer-related  information, 
features,  news  and  tips  from  some  of  the  best 
sources  in  ihe  industry  They  bring  readers  regular 
items  such  as  opinions  and  advice  from  industry 
experts,  special  packages  and  supplements  on 
career  trends,  salaries  contracting,  hiring  and 
retention  issues 
•  Gomputeiworld 


post  a  job 

Finding  the  right  IT  professionals  to  fill  your  available 
positions  can  be  a  challenging  and  time  consuming 
effort  fT  Careers  can  help  With  Ihe  2  2  million 
unique  visitors  each  month,  the  online  services  that 
are  available  through  IT  Careers  is  a  smart  way  to 
delrvei  and  job  posting 

•  post  jobs 

•  search  resumes 

•  become  a  Featured  Employer 

•  online  opportunities 
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is  the  place  where  your 
fellow  readers  are  getting 
a  jump  on  even  more  of 
the  world's  best  jobs. 


Now  combined  with 
CareerJournal.com, 
you  have  more  jobs 
to  choose  from. 


Stop  in  for  a  visit  and 
see  for  yourself  at: 
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IT  PROFESSIONALS 

Senior  Consultant 

(Glen  Mills,  Pennsylvania  and 
other  locations  through  the 
U  S  ).  Design,  deliver  and 
develop  cost-effective  high-per¬ 
formance  technology  solutions 
to  meet  challenging  demands 
utilizing  Production  Planning, 
Materials  Management  and 
Shop  floor  Management.  Use 
Object-Oriented  Development 
(Java,  Visual  Basic),  JSP, 
Oracle  and  Rational  Rose  UML 
to  customize  Change 
Management,  Document 
Management  and  BOM 
Management  user  interfaces 
through  template  processors. 
Utilize  knowledge  in  all  facets  of 
project  lifecycle  development, 
from  initial  feasibility  analysis 
and  conceptual  design  through 
documentation,  implementation 
enhancement  and  support. 
Assess  the  infrastructure  and 
network  architecture  for  divi¬ 
sions  and  recommend  To-Be 
Infrastructure/architecture  to 
support  the  DS  PLM  (Design, 
Manufacturing  and  Quality 
Management)  application.  The 
wage  offered  is  $82,200  per 
year.  The  work  schedule  is 
Monday-Friday,  9:00  am  to  5:00 
pm. 

The  minimum  requirements  are 
as  follows:  Bachelor’s  degree  in 
Computer  Science,  Engineering 
(Any),  Math,  Information 
Systems  or  Business  Admin¬ 
istration  +  2  years  of  experience 
in  the  job  offered  or  2  years  of 
experience  as  a  Senior  Cons¬ 
ultant,  Developer  or  Production 
Engineer.  Related  experience 
must  include  at  least  2  years  of 
experience  with  PLM  (Design, 
Manufacturing  Processes  and 
Quality  Management);  Oracle 
and  Object  Oriented  Develop¬ 
ment  (Java,  VB). 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number 
WEB422173  to  the:  PA 
Careeriink,  FLC  Unit,  235  W. 
Chelten  Avenue,  Philadelphia, 
PA  19144.  EOE 


IT  PROFESSIONALS 
Senior  Manager 

(Glen  Mills,  Pennsylvania  and  other  locations  through  the  U.S.). 
Responsible  for  leading  Supply  Chain  Management  engagements  for 
Fortune  500  companies  including  proposal  development,  sales  and  pro¬ 
ject  execution.  Provide  Outsourcing  Advisory  and  Strategic  Procurement 
Services  for  clients'  critical  business  functions  in  the  areas  of  IT  opera¬ 
tions,  Care  Centers,  and  Communication  Networking.  Utilize  knowledge 
of  wireless,  wireline  and  financial  services  to  conduct  Financial  Modeling, 
Cost  of  Ownership  Modeling,  Financial  Engineering,  Lease  vs.  Buy  Cost 
Benefit  Analysis  and  Activity  Based  Costing.  Lead  vendor  Contract 
Negotiations  including  the  development  and  negotiations  of  Master 
Service  Agreements,  Service  Level  Agreements,  Statements  of  Work  and 
Large  Project  Features  for  complex  sourcing  and  outsourcing  engage¬ 
ments.  Lead  Telecommunications  engagements  involving  voice  and  data 
network  architecture,  optimization  strategies,  cost  structure  and  cost 
reduction  strategies.  Conduct  IT  assessments  of  clients’  IT  organizational 
structure  and  Data  Center  Operations.  Responsible  for  leading  large 
Strategic  Sourcing  engagements  including  RFX  development,  RFX 
Evaluation  and  Contracting.  Responsible  for  sourcing  the  following  major 
categories  of  production  and  services:  Contract  Labor,  IT  Sourcing,  Data 
Network  Services,  Voice  Network  Services,  Directory  Assistance, 
Telemarketing  Services,  Hospitality  Services,  Wireless  Cell  Site 
Equipment,  Office  Equipment,  Installing  Services  for  Communication 
Providers,  Cable  Modems,  Cable  Modem  Termination  Systems, 
Videoconferencing,  HVAC,  IT  Equipment  and  Advertising  (Creative  and 
Pre-Print). 

WAGE:  $1 47,000/year 

Hours  worked:  Monday-Friday  9:00am-5:00pm 

The  position  requires  a  Bachelor's  degree  or  equivalent  in  Engineering 
(any  type),  Business,  Computer  Science  or  Information  Systems  +  4  and 
a  half  years  of  exp.  in  the  job  offered  or  4  and  a  half  years  as  a  Senior 
Manager,  Manager,  Project  Lead,  or  Value  Analyst/Contract  Negotiator. 
Experience  must  include  as  least  one  year  of  experience  with  Wireless, 
Wireline  Services  and  Financial  Services  Industries  including:  Leading 
Large  Project  Features;  Leading  Supply  Chain  Management  engage¬ 
ments,  specifically  around  Strategic  Procurement  and  RFX  development, 
evaluation  and  contracting;  Leading  Telecommunications  engagements, 
specifically  around  voice  and  data  network  architecture,  optimization 
strategies,  cost  structuring  and  cost  reduction  strategies;  Financial 
Modeling,  including  Cost  of  Ownership  Modeling,  Financial  Engineering, 
Lease  vs.  Buy  Cost  Benefit  Analysis  and  Activity  Based  Costing; 
Demonstrated  ability  leading  complex  Contract  Negotiations  and  prepar¬ 
ing  Service  Level  Agreements,  Statements  of  Work,  Master  Service 
Agreements;  and  Expertise  in  the  sourcing  of  major  categories  of  prod¬ 
ucts  and  services  including:  Contract  Labor,  IT  Sourcing,  Data  Network 
Services.  Voice  Network  Services,  Directory  Assistance,  Telemarketing 
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Anti-virus 

continued  from  page  1 

moniker  —  aiso  spent  hundreds 
of  millions  of  dollars  buying  up 
firms: Trusted  Information  Systems 
(TIS),  PGP  IntruVert  and  Enter- 
cept.  It  also  sold  off  its  Sniffer  pro¬ 
tocol-analysis  tools  and  Magic 
help  desk  units  in  what  CEO 
George  Samenuk  says  is  a  bid  to 
focus  solely  on  security. 

However,  becoming  a  full-ser¬ 
vice  security  company  takes 
more  than  an  acquisitive  streak 
and  deep  pockets. 

“We  want  to  be  more  than  just 
an  anti-virus  company”  says 
Allyson  Seelinger,  Symantec’s  vice 
president  of  global  channels, 
sales  and  strategy  Symantec  still 
struggles  to  dispel  the  notion  that 
it’s  somehow  not  a  full-fledged 
security  vendor,  she  says. 

Symantec’s  product  line  has 
grown  beyond  anti-virus.  But  cus¬ 
tomers  and  sales  channel  part¬ 


ners  —  Symantec  sells  virtually 
everything  through  region-specif¬ 
ic  value-added  resellers  and  sys¬ 
tems  integrators  —  still  typecast 
Symantec  as  an  anti-virus  vendor. 

For  Network  Associates  — 
which  also  will  be  reliant  on  sales 
channel  partners  after  it  sells 
Sniffer  —  the  perception  is  not 
much  different. 

“In  anti-virus  and  understanding 
major  exploits,  they’re  good,”  says 
Rodney  Madkins,  security  admin¬ 
istrator  at  Arkansas  Children’s 
Hospital  in  Little  Rock.  “But  1 
wouldn’t  necessarily  think  of 
Network  Associates  as  a  security 
vendor  in  a  larger  sense.” 

In  areas  such  as  vulnerability- 
assessment  tools,  firewalls  and  en¬ 
cryption,  for  example,  Network 
Associates  has  no  products.  The 
company  dropped  these  types  of 
security  wares  after  it  bought 
firms  that  made  them  —  PGP  for 
encryption  products,  TIS  for  its 
Gauntlet  firewall  —  but  found  it 


Security  rivals  at  a  glance 

Symantec  and  Network  Associates  well  armed  as  they  do  battle. 


Headquarters: 

CEO: 


FY  2003  revenue: 
Employees: 


R&D  spending 


Network  Associates  pf 

Santa  Clara 
George  Samenuk 
$933  million  Samenuk 


Symantec 

Cupertino,  Calif. 
JohnThompson 
$1.8  billion 


3,291  (500  to  leave  with  sale  of  Sniffer 
division  this  summer) 

$179.4  million 


5,000 


Cash  on  hand:  $1  billion 


$252.3  million 
$2  billion 


Product  categories: 


Anti-virus;  anti-spam;  Web  filtering; 
anti-spyware;  intrusion-prevention; 
desktop  firewall;  vulnerability 
assessment  services 


Anti-virus;  anti-spam;  Web  filtering; 
anti-spyware;  intrusion-prevention; 
desktop,  perimeter  firewall; 
vulnerability  assessment  tools, 
services;  data-center  remote- 
managed  security;  patching; 
systems  administration  tools 


couldn’t  gain  market  share. 

Nevertheless,  anti-virus  software 
remains  a  cash  cow  for  both  com¬ 
panies. 


Symantec  posted  record  rev¬ 
enue  of  $  1 .8  billion  for  fiscal  2003, 
a  33%  increase  over  the  previous 
year,  and  net  income  of  $371  mil- 


Security  vendors  tout  new  wares 
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■  BY  ELLEN  MESSMER 

Network  Associates,  Trend 
Micro  and  eEye  Digital  Security 
this  week  will  each  unveil 
upgraded  versions  of  their  prod¬ 
ucts  aimed  at  protecting  net¬ 
works  from  viruses,  worms  and 
other  types  of  attacks. 

Network  Associates  has  an 
upgrade  of  its  intrusion-preven¬ 
tion  system  (IPS),  IntruShield, 
with  new  features  that  include 
the  ability  to  decrypt  Secure 
Sockets  Layer  (SSL)-encrypted 
data  streams  to  check  for  signs  of 
attacks. 

The  IntruShield  appliance  will 
do  this  by  storing  the  enterprise 
customer’s  SSL  key  in  IntruShield 
2.1  “We  don’t  terminate  the  SSL 
traffic  but  we  buffer  it,  copy  it 
and  inspect  it  with  IntruShield,” 
explains  Vimal  Solanki,  senior 
product  marketing  manager.  The 
upgrade  is  expected  to  ship  next 
month. 

Network  Associates  also  is  adding  firewall- 
based,  access  control  list  and  virtualization 
capabilities  to  IntruShield  2.1  for  more 
detailed  control  of  ports,  which  can  be  useful 
in  combating  worm  attacks. 

In  other  changes,  the  McAfee  IntruShield 
Manager  console  will  be  able  to  accept  secu¬ 
rity  alerts  and  reporting  from  Network 
Associates’  host-based  IPS  for  desktops  and 
servers.  Entercept  5.0  IntruShield  starts  at 
about  $  1 1 ,000. 

Trend  Micro  this  week  is  expected  to  intro¬ 
duce  OfficeScan  Corporate  Edition  6.5,  which 
combines  Trend  Micros  desktop-based  virus 


Network  Associates’  IntruShield  2.1 

The  updated  intrusion-prevention  system  includes 
security-threat  information  from  host-based  Entercept,  too. 
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The  “total  number  of  attacks”  view 
combines  Entercept  and  IntruShield  data. 
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Real-time  attack  details  can  show  what  Entercept 
sees  and  blocks,  such  as  Kazaa  file  transfer. 


protection  and  integrates  Trend  Micro’s  desk¬ 
top  firewall,  Enterprise  Client  Firewall.The  soft¬ 
ware,  available  this  week  for  about  $20  per 
user,  is  designed  to  monitor  inbound  and  out¬ 
bound  communications,  and  block  unautho¬ 
rized  attempts  to  reach  the  desktop.  In  addi¬ 
tion,  the  software  will  watch  for  spyware, 
adware  and  password-stealing  applications. 

The  new  edition  of  OfficeScan  also  includes 
the  so-called  Security  Trust  Agent  developed 
under  Cisco’s  Network  Admission  Control  pro¬ 
gram.  Network  managers  will  be  able  to  take 
advantage  of  the  desktop  Security  Trust  Agent 
to  report  on  anti-virus  status  to  Cisco  manage¬ 
ment  equipment  for  purposes  of  “quaranti¬ 


ning”  users  in  Cisco-based  router 
and  switch  networks  if  they  lack 
anti-virus  software  updates. 

Cisco,  which  is  in  beta  testing 
with  anti-virus  vendors  and  IBM 
in  the  Network  Admission 
Control  program,  is  expected  to 
have  products  to  support  this 
policy-enforcement  mechanism 
next  month. 

Trend  Micro  this  week  also  is 
expected  to  announce 
InterScan  Web  Security  2.0,  an 
HTTP/FTP  proxy  that  runs  on 
Windows,  Solaris  or  Linux  to  per¬ 
form  virus  filtering.  The  new  edi¬ 
tion  of  the  product  adds  support 
for  spyware  and  a  means  to  pro¬ 
tect  users  against  so-called 
phishing  scams  by  blocking  ac¬ 
cess  to  known  scam  sites  that 
dupe  users  into  giving  away  sen¬ 
sitive  personal  and  financial  in¬ 
formation.  An  optional  Web  fil¬ 
tering  module  option  is  priced 
at  $8.80  per  user  for  1 ,000  users, 
with  the  entire  proxy  altogether  priced  at 
$17.60  per  user. 

A  third  vendor,  eEye  Digital  Security,  which 
specializes  in  vulnerability-assessment  tools,  is 
expected  to  announce  the  fifth  version  of  its 
Retina  Network  Security  Scanner  for  discover¬ 
ing  vulnerabilities  in  Windows,  Unix  or  Linux 
machines  and  networked  devices,  including 
firewalls  and  routers. 

The  updated  scanner,  which  starts  at  $1,000 
per  year  for  a  16-machine  work  environment, 
will  include  remediation  management.  This 
workflow-based  remediation  is  based  on  the 
BigFix  patching  management  software  that 
eEye  has  licensed.  ■ 
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lion.  Network  Associates  antici¬ 
pates  a  revenue  decline  this  year 
to  about  $800  million  from  last 
year’s  $933  million  —  because  of 
the  sale  of  the  Magic  and  Sniffer 
businesses,  it  says.  The  company 
last  year  posted  earnings  of  $67 
million;  it  has  not  released  antici¬ 
pated  fiscal  2004  earnings. 

For  both  rivals, anti-virus  remains 
the  means  to  get  their  foot  in  the 
door  of  security  managers. 

Network  Associates  and 
Symantec  each  hold  about  25%  of 
the  $2  billion  corporate  anti-virus 
market,  according  to  IDC.A  major 
competitor  to  both  is  Trend  Micro, 
the  third-ranked  company  with 
about  a  15%  market  share.  Trend 
Micro  was  the  first  to  offer  server- 
based  software  in  1997  and  has 
kept  a  loyal  customer  following 
on  its  e-mail,  file  and  Internet  gate¬ 
way  products. 

Industry  analysts  say  Trend 
Micro’s  reputation  on  the  server 
and  gateway  is  well  deserved. 

“It  has  always  had  the  highest- 
performing  platforms,”  says  Gart¬ 
ner  analyst  John  Pescatore.  That 
has  made  Trend  Micro’s  presence 
a  force  on  the  server  side. 

Despite  pushing  into  the  battle¬ 
ground  of  anti-spam  software, 
Trend  Micro  has  no  ambition  to 
be  an  all  things  to  all  people  secu¬ 
rity  vendor.  Instead,  it  prefers  to 
partner  with  others  as  an  anti¬ 
virus  vendor.  That  philosophy  was 
one  of  the  main  reasons  Cisco 
chose  Trend  Micro  to  provide  it 
with  worm-  and  virus-blocking 
technologies  for  Cisco’s  line  of 
routers, switches  and  firewalls. 

But  the  urge  to  expand  might 
be  hard  to  resist.  Increasingly, 
virus  filtering  is  seen  by  cus¬ 
tomers  and  vendors  as  just  a  part 
of  content  filtering.  This  would 
include  stopping  spam,  spyware, 
See  Anti-virus,  page  61 
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plus  controls  for  blocking  access  to  Web 
sites  or  sending  unauthorized  documents. 
Customers  would  like  to  see  it  all  in  one 
appliance  if  only  to  simplify  management. 
Symantec  offers  McAfees  WebShield  and 
its  own  Secure  Gateway  Network  Associates 
added  intrusion-prevention  and  spyware 
features  to  its  anti-virus  software  package. 

Despite  their  broad  aspirations,  neither 
Symantec  nor  Network  Associates  has 
developed  much  security-related  core 
technology  on  their  own  outside  of  anti¬ 
virus.  Symantec  is  poised  to  replace  its  anti¬ 
spam  technology  for  what  it  gets  with  the 
Brightmail  acquisition.  Network  Associates, 
which  bought  anti-spam  firm  Deersoft  last 
year,  preferred  Deersoft’s  technology  to  its 
in-house  SpamKiller. 

Though  they  have  deep  pockets  from  anti¬ 
virus  sales  to  buy  their  way  into  new  areas 
of  security,  both  companies  sometimes 
have  found  it  an  uphill  battle  to  turn  the 
dynamic  start-ups  they  acquire  into  money¬ 
making  product  lines. 

Symantec  bought  Recourse  Technolo¬ 
gies  for  intrusion-detection  systems,  Rip- 
Tech  for  managed  security  services, 
SecurityFocus  for  threat-management  in¬ 
formation,  and  Mountain  Wave  for  security 
information  management  software. 

Network  Associates  bought  Entercept 
Security  Technologies  for  host-based  intru¬ 
sion-prevention  system  and  IntruVert  for 
network-based  IPS. 

But  selling  those  acquired  companies’ 
products  is  different  —  and  apparently  a  lot 
harder  —  than  selling  anti-virus  software, 
which  Gartner  calls  a  commodify 

“Desktop  anti-virus  is  a  volume  play”  said 
Kevin  Weiss,  Network  Associates  executive 
vice  president  of  sales,  during  the  compa¬ 
ny’s  recent  analyst  day  in  NewYork.“It’s  rel¬ 
atively  easy  to  sell  since  many  desktop  anti¬ 
virus  products  are  similar’’ 

He  said  the  more  sophisticated  host-  and 
network-based  IPSs  require  more  training 
and  knowledge.  Selling  complex  security 
gear  through  sales  channels  and  resellers 
can  be  hard. 

“IntruShield  is  down,”  Network  Associates’ 


Samenuk  said  about  sales  of  the  intrusion- 
prevention  appliance  during  a  conference 
call  with  Wall  Street  investors  in  April. 

Echoing  similar  sentiments  in  his  call  the 
same  week  with  Wall  Street,  Thompson 
noted  about  the  Symantec  Recourse  prod¬ 
uct  line, “This  is  a  tough,  tough  market.” 

Such  is  not  the  case  with  consumer  anti¬ 
virus,  which  according  to  IDC  is  about  a  $1 
billion  market.  Thompson  predicts  overall 
revenue,  43%  of  which  today  are  based  on 
consumer  purchases,  will  reach  $2.35  bil¬ 
lion  in  2005. 

“Anti-virus  is  the  cornerstone  of  our  busi¬ 
ness,”  says  Steve  Cullen,  senior  vice  presi¬ 
dent  for  security  products  and  solutions  at 
Symantec.  “The  consumer  business  does 
fuel  growth  for  the  enterprise  success.” 

Though  a  distant  second,  Network 
Associates  is  determined  to  expand  further 
into  the  consumer  market,  and  is  finding 
momentum  through  marketing  arrange¬ 
ments  launched  with  ISPs  such  as  AOL, 
MSN,  Comcast,  Cox  Communications,  Tele¬ 
fonica  and  Telstra. 

“It’s  fundamental  to  our  business,”  says 
Bill  Kerrigan,  senior  vice  president  at 
McAfee.  “Partnerships  account  for  75%  of 
new  subscriptions.”  The  first  quarter  this 
year  McAfee  recorded  860,000  new  sub¬ 
scribers  on  the  consumer  side, “our  largest 
quarter  ever,”  Kerrigan  says. 

Security  aspirations 

Deals  that  closed  this  year  highlight 
Symantec’s  aspirations  as  a  security  vendor. 
The  company  bought  ON  Technology  for 
$100  million  for  its  systems  management 
products  and  PowerQuest  for  $150  million 
for  its  imaging,  provisioning  and  storage 
management  offerings.  The  goal  is  not  to 
just  continue  selling  these  product  lines, 
but  to  integrate  patch-management,  provi¬ 
sioning  and  storage  technologies  it 
acquired  through  the  deals  into  innovative 
security  offerings. 

“It’s  integrating  security,  systems  and  stor¬ 
age  management  with  Symantec  Threat 
Management,”  says  Don  Kleinschnitz,  vice 
president  of  product  delivery 

Whenever  Symantec’s  Security  Response 
group  pinpoints  a  new  threat  such  as  a 
worm,  during  the  period  of  vulnerability 
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before  a  virus  or  filtering  update  is  avail¬ 
able,  a  security  alert  would  trigger  a  storage 
backup  to  preserve  machine  data,  Klein¬ 
schnitz  says.  ON  Technology’s  iPbtch  and 
On  Command  asset  management  gives 
Symantec  a  way  to  be  more  involved  in  the 
patching  process  to  “add  signatures  for 
defense,”  he  says. 

Symantec  says  it  plans  to  unveil  integrat¬ 
ed  products  to  accomplish  these  kinds  of 
goals  later  this  year.  However,  integrated 
security  based  on  automated  processes  has 
found  limited  acceptance  so  far  because 
many  organizations  remain  more  comfort¬ 
able  with  manual  response.  Network 
Associates  found  that  out  the  hard  way  a 
few  years  ago  with  its  Active  Security  effort, 
which  flopped. 

As  far  the  future,  Network  Associates  has 
just  committed  to  a  re-organization  that  the 
company  acknowledges  is  risky 

Samenuk  said  in  his  April  conference  call 
with  Wall  Street  analysts  that  the  company 
might  encounter  business  disruptions  from 
the  sale  of  the  Sniffer  division,  in  which 
about  500  employees  are  expected  to  exit 
this  summer  to  the  newly  formed  Network 
General.  (The  name  of  the 
new  company  is  based  on 
the  name  of  the  company 


that  originally  sold  Sniffer.) 

After  the  sale  of  Sniffer  is  complete, 
which  could  come  by  the  end  of  the 
month,  Network  Associates  will  change  its 
name  to  McAfee. 

“My  impression  is  [the  company  is]  going 
back  to  the  future,”  says  SG  Cowen  analyst 
Bster  Kuper.  Network  Associates’  course  has 
been  somewhat  erratic  over  the  years,  he 
says,  but  the  makeover  envisioned  for  later 
this  year  is  an  attempt  to  “start  over.” 

Though  the  major  anti-virus  vendors 
compete  fiercely  among  themselves,  the 
shadow  of  Microsoft  —  which  bought  the 
Romanian  anti-virus  firm  GeCAD  last  year 
—  hangs  over  all  of  them.  All  have  to  main¬ 
tain  close  ties  with  Microsoft  to  build  prod¬ 
ucts  that  run  with  its  products. 

Gartner’s  Pescatore  says  he  doesn’t  see 
Microsoft  entering  the  anti-virus  market 
before  the  Longhorn  timeframe  in  2007, 
but  he  added  the  anti-virus  vendors 
“should  fear  Microsoft’s  Adaptive  Pro¬ 
tection  technology,  which  should  ship  by 
the  end  of  2005.” 

While  it’s  not  likely  to  eliminate  the  need 
for  anti-virus  software,  “it  will  reduce  the 
price  enterprises  are  willing 
to  pay  for  reactive  signature- 
based  anti-virus,”  he  says.  ■ 
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E-mail  AUPs  and  monitoring 

L 


ast  week  I  discussed  “The 
Seven  Ugly  Dwarves,”  a  name 
coined  by  Elizabeth  Charnock, 
CEO  of  Cataphora,  for  e-mail  con¬ 
tent  that  reveals  dirty  secrets  and 
behaviors.  After  relating  some  exam¬ 
ples,  1  mentioned  the  need  for 
acceptable-use  policies  and  mail- 
retention  policies  and  threatened  to  return  to  these 
subjects.  Well,  here  we  are.  First  we’ll  tackle  AUPs. 

1  suspect  that  many  of  you  have  AUPs  in  place 
that  specify  what  your  users  are  allowed  to  do  and 
what  they  are  not  allowed  to  do. That’s  the  whole 
point  —  in  the  context  of  your  business’s  practical, 
ethical  and  legal  foundations,  your  AUP  should  act 
as  a  training  aid,  a  best  practices  guide  and  an 
insurance  policy. 

In  organizations  that  take  these  things  seriously 
employees  are  often  required  to  sign  a  document 
saying  they  have  read  and  will  abide  by  the  AUP 
while  companies  that  are  really  committed  rein¬ 
force  the  authority  of  the  AUP  through  mandatory 
training  sessions. 

But  where  many  companies  fall  short  is  enforcing 
these  policies.  It  doesn’t  matter  what  you  tell  people 
or  what  commitments  they  make;  if  you  aren’t  keep¬ 
ing  an  eye  open  for  problems  and  violations,  you 
might  never  know  what  disasters  are  waiting  for  you 


until  they  happen.  In  other  words,  trust  but  verify 

One  of  the  first  things  to  keep  an  eye  on  is  the 
flow  of  messages.This  will  tell  you  if  users  are  abus¬ 
ing  the  mail  system  according  to  the  terms  of  the 
AUP  A  sudden  upswing  in  the  number  of  messages 
sent  by  an  individual  could  mean  he  is  spamming, 
is  mail-bombing,  has  a  worm  or  virus  infection  that 
is  acting  as  a  spam  relay  or  has  become  a  zombie 
for  a  hacker.  A  significant  upswing  in  the  number  of 
messages  a  user  receives  could  mean  he  needs 
help  learning  not  to  reply  to  spam  solicitations  or 
has  subscribed  to  too  many  lists. 

But  if  you’re  really  serious, you  should  also  be 
watching  who  is  communicating  with  whom.  A  sud¬ 
den  increase  in  the  number  of  messages  exchanged 
or  new  exchanges  between  individuals  who  have  no 
normal  need  to  communicate  could  mean  some¬ 
thing  is  going  on  that  needs  to  be  monitored. 

Next  comes  content  monitoring.  As  messages  pass 
through  servers  they  should  be  scanned  for  telltale 
words  and  phrases  that  could  be  indicative  of  non- 
compliance  with  laws  and  or  corporate  policies. 

Content  monitoring  is  crucial  if  you  are  in  a  regu¬ 
lated  industry  For  example,  if  your  business  comes 
under  the  shadow  of  the  Health  Insurance  Portabil¬ 
ity  and  Accountability  Act,  which  legislates  the  priva¬ 
cy  and  security  of  personal  health  information  and 
medical  records,  then  you  have  some  serious  corpo¬ 


rate  responsibilities  to  live  up  to. 

The  same  considerations  apply  to  the  Sarbanes- 
Oxley  Act,  which  legislates  what  is  and  is  not 
acceptable  regarding  the  retention  of  records  elec¬ 
tronic  or  otherwise  for  public  companies,  execu¬ 
tives  and  the  general  population. 

But  there  are  two  key  problems  with  content 
monitoring.The  first  is  scale  —  scanning  20  mes¬ 
sages  per  user,  per  day  in  a  10,000-seat  organization 
requires  real  horsepower. The  second  problem  is 
even  more  tricky  —  what  to  do  with  messages  that 
trigger  the  filters.  Do  you  stop  suspicious  messages 
to  prevent  damage  from  being  done  but  introduce 
a  serious  delivery  delay  if  it  is  a  false  positive,  or  do 
you  send  the  message  on  and  act  after  damage 
might  have  been  done?  The  choice  you  make  will 
depend  on  the  type  of  business  you  are  in. 

There’s  also  the  manpower  overhead,  as  someone 
has  to  stay  on  top  of  the  monitoring. Whoever  is 
monitoring  has  to  read  and  judge  content  that  is 
trapped  and  act  upon  what  they  read. 

So,  monitoring  is  not  an  insignificant  commit¬ 
ment.  But  what  about  e-mail  retention?  How  long 
should  you  keep  e-mail  around?  That’s  something 
we’ll  retain  for  next  week  . . . 

Hold  nothing  back  by  sending  your  AUP  thoughts 
to  backspin@gibbs.com. 
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BookCrossing.com:  Chapter  2 

When  we  first  visited  BookCrossing 
.com  two  years  ago,  the  fledgling  online 
community  had  3,400  registered  members  and  a  driving  force,  Ron  Hornbaker, 
who  saw  the  site  as  a  pleasant  diversion  that  might  become  an  effective  call¬ 
ing  card  for  his  software  development  business. 

Today  BookCrossing  boasts  257,000  members,  10  million  page  views  per 
month  and  1.1  million  registered  books.  It  has  also  become  Hornbaker's  full¬ 
time  livelihood. 

Who  knew?  . .  .  Not  Hornbaker. 

“We're  getting  400  new  members  a  day,  and  that's  on  an  increasing  pace,  so  it 
looks  as  though  we’ll  have  a  million  members  within  a  couple  of  years,”  he 
says. 

Not  bad  for  a  diversion. 

BookCrossing.com  is  for  book  lovers  who  would  rather  give  their  favorite 
titles  to  total  strangers  than  toss  them  on  a  shelf  or  in  the  trash.  Members 
“release”  their  books  “into  the  wild"  —  they  simply  leave  them  in  a  public  place 
—  after  registering  the  titles  on  the  site  and  affixing  stickers  that  explain 
what’s  going  on. The  stickers  include  a  unique  identification  number  that  lets 
’he  books  be  tracked. The  person  who  finds  the  book  is  supposed  to  note  the 
sticker,  become  curious,  visit  www.bookcrossing.com,  report  the  ID  number  and 
log  a  journal  entry  about  the  find. The  site  also  provides  forums  for  members  to 
swap  tales. 

Paying  for  such  an  operation  —  never  mind  a  small  staff  —  has  proven  chal¬ 
lenging  but  not  impossible. 

“When  it  started  growing  we  had  to  figure  out  a  revenue  stream,”  Hornbaker 
says.  “The  problem  with  the  sites  that  take  off  without  some  sort  of  funding  is 

that  tney  just  implode  of  their  own  weight.” 


WhileT-shirts,  promotions  and  partnerships  with  book  publishers  have 
generated  some  income,  BookCrossing’s  best  source  of  revenue  has  proven 
to  be  “release  kits”  that  provide  members  with  the  eye-catching  labels  they 
need  to  attract  a  passerby’s  attention  to  their  books.  Membership  is  free,  as 
are  more  rudimentary  labels,  but  these  kits  that  start  at  $18  apiece  have 
proven  to  be  a  hit. 

“We  get  400  new  members  a  day  who  are  pretty  excited  about  joining  Book- 
Crossing,  and  half  of  our  sales  go  to  new  members  on  day  zero,”  he  says. 
“With  a  quarter-million  people  it  doesn’t  take  a  very  large  percentage  to  be 
buying  things  to  keep  a  small  team  like  ours  in  the  black.” 

The  site's  rapid  growth  has  brought  with  it  other  predictable  issues. 

"Right  now  our  main  concerns  are  keeping  up  with  the  growth  and  adding 
new  features,”  Hornbaker  says.  "As  the  site  gets  slow  we  add  more  servers. 
We  have  a  cluster  system  going  that's  working  out  really  well.” 

In  addition  to  soaring  membership  and  a  steady  if  unspectacular  revenue 
stream,  another  measure  of  BookCrossing’s  success  is  the  higher  rate  at 
which  released  books  are  being  reported  back  to  the  site. Two  years  ago, 
Hornbaker  told  me  that  only  10%  of  released  books  were  ever  heard  from 
again,  a  reality  that  tended  to  deflate  the  interest  of  early  participants. Today 
that  rate  is  up  to  between  20%  and  25%,  an  increase  Hornbaker  attributes  to 
heavy  press  coverage  and  good  word  of  mouth. 

"The  biggest  thing  I  see  is  the  power  of  a  community,”  he  says.  "Give  them 
the  tools,  the  forums  and  the  means  to  do  private  messaging,  and  the  commu¬ 
nity  evolves.  It’s  like  watching  a  garden  grow.” 

At  the  end  of  our  chat  I  told  Hornbaker  that  I’d  check  back  with  him  in  another 
two  years  to  see  how  things  have  progressed  . . .  unless  Amazon  or  Barnes  & 
Noble  buys  him  out  in  the  meantime  and  he’s  off  living  on  some  island. 

“Well,  even  if  we  aren’t,”  he  chuckled,  “we're  having  fun  anyway.” 

Has  anyone  out  there  tried  BookCrossing?  The  address  is  buzz@nww.com. 


HP  Integrity  servers  are  taking  off,  as  are 
the  companies  using  them. 


Companies  adopting  HP  Integrity  servers,  powered  by  industry-leading 
Intel  Itanium'  2  processors,  are  seeing  remarkable  gains  in  performance. 

The  momentum  is  building.  One  after  another,  companies  are  choosing  HP  Integrity  servers. 
Leading  software  and  technology  partners  such  as  BEA,  Microsoft®  Oracle,  SAP  and  Siebel 
Systems  have  embraced  the  platform  as  an  industry  standard.  And  with  the  ability  to  manage 
a  mixed  environment  of  UNIX,  Microsoft®  Windows®  Linux  and  OpenVMS,  HP  Integrity  servers  are 
fast  becoming  the  ultimate  consolidation  tool.  Demand  maximum  performance,  reliability  and  cost- 
efficiency  now,  on  a  platform  that  will  carry  you  forward  into  the  future.  Demand  performance 
that's  real-world  proven,  and  get  it— with  HP  Integrity  server  solutions. 


See  who's  choosing 
HP  Integrity  servers 
and  choosing  results. 

AIRBUS  UK 
COMPUSA 
FIAT  AUTO 

THE  KOEHLER  GROUP 
RAYMOND  JAMES 


invent 


To  get  the  IDC  white  paper  outlining  the  performance  of  HP  Integrity  servers  with  Intel  Itanium  2  processors, 
go  to  hp.com/go/demandlntegrityl3  or  call  1-800-282-6672,  option  5, !  mention  code  AQHG. 


Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Itanium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries. 
Microsoft  and  Windows  are  either  registered  trademarks  or  trademarks  of  Microsoft  Corporation.  ©2004  Hewlett-Packard  Development  Company,  L.P. 


Introducing  Firebox®  X.  Integrated,  expandable,  and  fully  model-upgradeable. 
The  network  security  your  company  really  needs.  All  inside  one  intelligent  box. 


ModelUpgradeab/e 


WatchGuard 


Firebox^ 


FREE  NETWORK 
SECURITY  GUIDE 


A  Practical  Guide 
for  Better  Security 


Get  yours  by  visiting  www.watchguard.com/nwguide 
or  by  calling  1-877-732-8780. 

The  Security  You  Really  Need.” 


SrCopynght  2004  WatchGuard  Technologies,  Inc.  All  rights  reserved,  WatchGuard,  the  WatchGuard  logo,  The  Security  You  Really  Need  and  Firebox  are  either  registered  trademarks  or  trademarks  of  WatchGuard  Technologies,  Inc.  in  the  United  States  and/or  other  countries. 


